Jump to content
xisto Community
Sign in to follow this  
whyme1405241479

Whyme's Cracking Challenge Part 1 Of 4 (easy) Very Easy Cracking Challenge

Recommended Posts

Well, I couldn't resist not making one myself, so here it goes:

I have a little VB App that will ask for your username and password, and will give you an "access key" once you get the right info, this is pain-stakingly easy (heck, you don't even need to know the username and password - big hint. :D ), but, this is just to rev up your engines, as this is part 1 of my four part VB/PHP/MySQL/C++ Cracking Challenge.

Each challange will connect onto the next challenge, so the end product that you get from this one, will be highly important for the next challenge that you undertake.

you can find the program here.

http://forums.xisto.com/no_longer_exists/

Have fun,

-whyme

small topic title name change :( hacking = cracking

Edited by jipman (see edit history)

Share this post


Link to post
Share on other sites

Not fond of VB but still was able to do this challenge under Linux, which is just a bonus, since I hate needing to switch back to Windows.Hopefully you'll bring more challenges similar to this but a bit harder, we could find all the information we needed just viewing this in a hex-editor, without needing that username and password but we could use them and still get a popup of what the key is.Cheers,MC

Share this post


Link to post
Share on other sites

Hehe.. I did it in windows too and pm-ed you a snapshot. As MC pointed out - I never needed to figure out your password. I got to the popup of your keys straight out :D Check your pm for the resultant screenshot - it's on imageshack... and I'd have uploaded the cracked file :P but now it's in such a state that you can type any login/pass and get to your final popup screen :( I went one step up and removed all the your login/pass checking parts from the code and fixed the JUMP instructions to point straight to your popup box.. this way it completely bypasses your verification system.. no more pass needed.. the snapshot that you've received was logged in with "blah" & "blah" as username/pass :DComeup with somethign harder next time.. Regards,m^e

Share this post


Link to post
Share on other sites

WOW....
why are VB windows executables made up of 75% NULL.
that doesnt happen on the GNU c++ compiled ececuatbales.

anyways....
yeah, ive completed it too, but i used the *nix strings command instead of a hex-editor.

are we supposed to PM the answers, or post them ???

edit:
lol, ahh, found a second set of passwords and usernames after i relxed grep and discovered the typo.

passowrd is ###############

Share this post


Link to post
Share on other sites

Haha, like what I said, this isn't meant to be hard or challenging, only to start up your engines for the next one. :(I'm currently developing the next challenge in PHP , and that "end product" you get from this challenge will be important for the next one.I expect to be done in 5 - 8 days.cheers,-whyme

Share this post


Link to post
Share on other sites

lol.. okay, i thought that

this is just to rev up your engines

was a clue to start reverse engineering :(

Share this post


Link to post
Share on other sites

m^e,

 

If I maybe so bold, I want to test your theory on the any state.

 

Depending on how your altered the jump, how about inputting the correct username and password into it and seeing whether this is the case?

 

 

MC

Share this post


Link to post
Share on other sites

altering jump instructions with hex-editors used to be what all the 7337 h@)(0r$ were doing back in the Amiga days.anyone have an amiga ?i remember when you booted a game (cos thats what you did, games didnt run inside OS's)a crached game would show up a page bragging about who pirated and crached is.."Crystal Cracked" were quite famous.this bragging page would often have very amasing graphics, cool music.eventually, the bragging page became more important that the cracking.and this is how demo's came to be (or thats how the legeng goes)they also used to post the hpone numbers of the BBS servers that these hackers used to run.damnit.. i really was born 10 years too late.in the amiga days, we didnt have any of this Geforce FX 6800 SLI PCI-E crap !We had the "Angus" Chip, and if you were rich, you upgraded to "Fat Angus"and if you were really rich, you could go crazy, an buy a super charged "Fatter Angus" chip.and if you were a billionaire, you could rpobably afford 2mb or ram for $300.ahh the good old days.

Share this post


Link to post
Share on other sites

you dont need to run the program.i dont even have windows, and i managed it :)read the other replys to this topic for clues... (ahem,, hex-editor) (ahem cygwin strings)(ahem, probably even notepad, lol)

Share this post


Link to post
Share on other sites

I am totally new to this hacking, crecking VB and all that, but I managed to figure the username and password using notepad :) I couldnt understand much, as all I knew was HTML, but still managed to figure it out.Its the most ..ahem.. obvious ....Peace,-!DraXxuS!-

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.