010-ceycey 的 write up
1. Execution of program
When we first opened the software input box, we were prompted to write it here!! :P We casually entered a string of passwords and clicked check, but nothing happened. Then we looked at the relevant information about the software as shown in the figure:
2. Check the shell
It can be seen that the program has a UPX shell.
3. Shelling
Classic UPX shelling
4. Program analysis
OD intelligent search key string:
Double-click Do not think u r good, the trace enters, and it is guessed that this is a prompt string after success.
It can be seen as follows:
There is a strange string ULTRADMA, but I don’t know what it is used for. By tracing 00403C8C, you can find that this is a function similar to string comparison, and the password is:
Instead of copying a hundred articles, it is better to practice and write one yourself. Respect intellectual property rights. Writing notes is hard work. Reprinting is prohibited! ! !