Leaked key in ciphertextĪ good idea would be to take a step back and take a look at our ciphertext for any clues. This means that brute-force is a no go, and we should try something else.
As we later find out, the password was actually 49 characters long, which would mean that we would have had to try 100 to the power of 49 (that's 1 followed by 98 zeros) passwords, a few orders of magnitude greater than the number of atoms in the observable universe. There are 100 printable ASCII characters (we can find this out with len(string.printable)), meaning that every time we add a new character, our new search space is 100 times bigger. The second more pressing problem is that the search space grows exponentially with the password length. Firstly, the ciphertext is 241152 bytes which is huge, so for each password attempt, every time we call xor(ciphertext, key), there are a lot of operations to be run.
However, if we run it, we find that our script can barely get to trying passwords of length 3 before it starts to get stuck. printable for length in range( 1, 50):Īttempts = itertools. Import zlib import string import itertools CHARSET = string. Then, we can re-implement the extraction method without doing any XORing to get our ciphertext. We need to first extract the resource, we'll call it mb_logo_star.png As for the length, we can just try different values until we find a password of some length that matches.įirst, we should extract the ciphertext from the image. We know that we have to enter the password into the text box before its used by the decode method, so the password would likely be made up of printable ASCII characters.
This involves trying different values of the password, and verifying if the decrypted payload is correct by comparing the CRC32 checksum against 0xA367C374.Īs mentioned previously, we don't know the character set or the length of the password, but we can make a few reasonable guesses. Brute force attackĪn obvious (but later shown to be unfeasible) method would be to try brute forcing the password. The next few sections will talk about different methods to recover the password. What kind of characters make up the password.The CRC32 checksum of this decrypted executable file is 0xA367C374.The password XOR-decrypts the ciphertext (embedded in the resource image) into an executable file.To find the first password, it's probably a good idea to look into the method that is called when the first button is clicked, button1_Click(object sender, EventArgs e). Hence, this crackme challenge can be divided into 3 levels, each level corresponding to a password to find. Under the Form1 class, we see 3 important methods, button1_Click(object, EventArgs), button2_Click(object, EventArgs), and button3_Click(object, EventArgs), which are called when the corresponding form buttons are clicked.
Luckily for us, the variables in the code are properly named and aren't obfuscated.
This means that we can analyze the binary in dnSpy which would allow us to see the C# code in the binary.
NET directory, which tells us that this is a. NET assembly and it contains a directory called the. When we open it in CFF explorer, we see that the file type is a. When we run the application we see a GUI like this, containing a form with text fields asking for 3 different passwords and buttons labelled "Check!" The crackme is an executable called MBCrackme.exe. listing files) are so much more simple in powershell While we can survive with just python, some actions involving the OS (e.g.
Pip install Pillow numpy pefile pycryptodome