debugme

In my experience with using OllyDBG, after dealing with the anti-debugging techniques some instructions were not being displayed correctly which hindered my RE analysis and got me stuck. Tried x32dbg and managed to solve it from there.

Hope someone finds that helpful!

Think i found the decryption of the flag before the program exits, but it decrypting rubish … using x32dbg and scylla hide

I’ve been struggling with this challenge for several days. Learned quite a lot about anti-debugging techniques on the way. I’ve used IDA 7.0 Free to complete the challenge.

Just completed today morning. Nice challenge. It did not make my hair white like “find the secret flag” did, but I really enjoyed. Now only heavy reverse stuff left to complete, so real headache is just before me -:slight_smile:

Someone please reach out and help me. I’m completely lost. Trying to use Suylla but again, super lost.

I’m truing patch binary with modificated sym._main I’m repite decrypt as it done in this programm but my new file raise exception by address 0x401722
Could somebody give tips into PM about it?

Thanks.

I’ve done it with x32dbg but I interest how can do it with radare2.
I like radare2 :slight_smile:

I really liked this challenge. Thank you for uploading it!

I just completed this challenge and i don’t agree that its hard. There is no need to patch anything. I used x32dbg, then advanced → Hide Debugger option from x32dbg. just go along and keep your eyes open :slight_smile: . You can use scyllahide as well. If the program exits, may be it is its natural behavior. Dont doubt your anti-debugging plugin.

i guess i need help with that , am using IDA i started the debugger and am trying to use anti debugging techniques but am not sure what am i doing where am going with that

Later to several attemps, think to found a possible flag, but it´s wrong. Someone can help me? Thanks in advance :slight_smile:

It turns out that I had the flag very quicky but for whatever reason it did not work, perhaps I noted it down wrong. Nothing more to add beyond what has already been said.

Hey, I’m kind of new to reverse engineering I have completed some of the easy ones here but I’m facing real difficulties in this one, I’m using x64dbg with scylla and I’m trying to go in by steps and also have tried to change some jumps on debug check and fill it with nop but I’m still stuck and the patch exe i generated is not even running in windows.

Any help would be appreciated, thank you.

hey guys,
how can I know if I’m on the right way? I’m using x32dx (hide debugger setting on) + ScyllaHide, but can’t seem to find anything. I’m really new to RE, so would appreciate a hit or two ^^

thanks!

What are the required tools.Iam using Termux on Android.Can someone explain the methodology behind the Debugger Challenge.Or is that too much?Thank you.

Took me a day to solve it without any tooling (besides IDA and its embedded debugger). At first it may seem a bit complex but as you start pulling the string it becomes more and more evident what you need to actually bypass.

Check the file entry point and start from there !

can any one help me to decrypt an Exe ??

solved it , no need for debugger just static analysis(binary ninja) + python is enough.

Lets See… x32 dbg, ScyllaHide… Nothing. Ollydbg + ScyllaHide… Nothing. Looked at Strings, looked at the absurd amount of code… yeah, no. I’ve spent hours running, stepping, and combing through this stupid binary for literally anything remotely “important” looking, and I just *don’t* get what we’re supposed to learn here. Could someone please either drop some hints here, or tell me where to look in DM’s? I feel like I have all the tools necessary, but am being tasked with building a functional spaceship out of peanut butter.

Hoo boy, that took me a GOOD while. I agree that its not “hard” in perhaps the traditional sense. This one is more like… looking for a vanishing needle in a haystack. I agree that scyllahide will help, and that you should probably use a debugger that supports it to simplify things if you’re new. As for the most important part: This challenge is trying stop you from using a debugger. It’s NOT trying to play with your mind, so don’t worry too much on reading into every nook and cranny, because there are a LOT of places to get lost if you try that. (Turns out I was building my own peanut-butter-spaceship. don’t read too into things haha!) Get your debugger working. find where things actually happen. Then, have patience and be methodical. everything ending suddenly may be normal~