Double-click to open the program.
Breaking encryption methods:
Followed by input: 1,2,3,4,5,6,7,8
Another hack:
x32dbg open the program.
alt + F9
Jump to user functions:
F7 to enter the function.
Search string
There may be "done !!! the flag is" kind found in the string.
Double-click to enter.
A breakpoint at the push ebp.
Know where to flag function entry. But can be found, flag is not produced here.
But also found a lot of alphanumeric below. Speculation, flag generated by the code below.
In done !!! the flag is immediately below add esp, 4
Description This function is not followed ret to go below (i.e. generated flag). (Here you can see a% s, which is to be assigned to the local flag of% s. Envious of those who are new to guess !!! chase code)
We tried to flag the entry function in other places to call.
The entry point address of a note flag. I was 0x0083E940.
For example: initialization time. Or input parameter goes wrong.
The following second attempt, an error in the input parameters of the time.
Found in the string "sorry, n error, try again \ n".
Double-click to enter.
Double-click to modify the jump address.
Click on the top left corner of the File -> patch -> patch file, save it as 1.exe. Double-click to open.
Just enter a series of numbers. Can the flag.
in conclusion:
This flag should be considered blasting out. Because they are fundamentally not clear lamp algorithm is also unclear flag algorithms. Using a call jump directly.