![]() Using this tool, I extracted all the Python libraries and files to a folder. We can extract the Python code from the binary using the tool Python Exe Extractor that is freely available on GitHub. Some of the more important strings I found are for Python error codes, like “Error loading Python DLL ‘%s’.\n” and other errors that led me to believe that this was a wrapper for a Python script. We can use the -zqq flag to analyze the strings in the binary. So, the next step would be to find that username and password. ![]() ![]() If we get it wrong, then the application closes. Now let us run the binary to see what we are looking for in this challenge.Īs you can see, it asks for us to input a username and password. We can see that this is a standard Windows executable. Like usual, when I start an analysis on an unknown binary I always start by using rabin2 to get basic information about it. If you want to follow along you can download the application from the official MalwareBytes post here. This article will be my write-up for it so readers can see the techniques that were used in this CrackMe and the steps I went through to reverse engineer the application and get the flag. MalwareBytes recently released their second CrackMe Challenge and I managed to solve it.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |