In my experience with using OllyDBG, after dealing with the anti-debugging techniques some instructions were not being displayed correctly which hindered my RE analysis and got me stuck. Tried x32dbg and managed to solve it from there.
I’ve been struggling with this challenge for several days. Learned quite a lot about anti-debugging techniques on the way. I’ve used IDA 7.0 Free to complete the challenge.
Just completed it this morning. Nice challenge. It did not make my hair white like “find the secret flag” did, but I really enjoyed it. Now only the heavy reversing stuff is left to complete, so the real headache is just ahead of me.
I’m trying to patch the binary with a modified sym._main. I repeat the decryption as it is done in this program, but my new file raises an exception at address 0x401722.
Could somebody give me tips via PM about it?
I just completed this challenge and I don’t agree that it’s hard. There is no need to patch anything. I used x32dbg, then the Advanced → Hide Debugger option from x32dbg. Just go along and keep your eyes open. You can use ScyllaHide as well. If the program exits, maybe that is its natural behavior. Don’t doubt your anti-debugging plugin.
I guess I need help with that. I’m using IDA; I started the debugger and I’m trying to use anti-debugging techniques, but I’m not sure what I’m doing or where I’m going with that.
It turns out that I had the flag very quickly, but for whatever reason it did not work; perhaps I noted it down wrong. Nothing more to add beyond what has already been said.
Hey, I’m kind of new to reverse engineering. I have completed some of the easy ones here, but I’m facing real difficulties with this one. I’m using x64dbg with Scylla and I’m trying to go in by steps, and I have also tried to change some jumps on the debug check and fill it with NOPs, but I’m still stuck and the patched exe I generated is not even running in Windows.
Hey guys,
How can I know if I’m on the right way? I’m using x32dbg (hide debugger setting on) + ScyllaHide, but can’t seem to find anything. I’m really new to RE, so I would appreciate a hint or two ^^
What are the required tools? I am using Termux on Android. Can someone explain the methodology behind the Debugger Challenge? Or is that too much? Thank you.
Took me a day to solve it without any tooling (besides IDA and its embedded debugger). At first it may seem a bit complex but as you start pulling the string it becomes more and more evident what you need to actually bypass.
Let’s see… x32dbg, ScyllaHide… Nothing. OllyDbg + ScyllaHide… Nothing. Looked at Strings, looked at the absurd amount of code… yeah, no. I’ve spent hours running, stepping, and combing through this stupid binary for literally anything remotely “important” looking, and I just *don’t* get what we’re supposed to learn here. Could someone please either drop some hints here, or tell me where to look in DMs? I feel like I have all the tools necessary, but am being tasked with building a functional spaceship out of peanut butter.
Hoo boy, that took me a GOOD while. I agree that it’s not “hard” in perhaps the traditional sense. This one is more like… looking for a vanishing needle in a haystack. I agree that ScyllaHide will help, and that you should probably use a debugger that supports it to simplify things if you’re new. As for the most important part: this challenge is trying to stop you from using a debugger. It’s NOT trying to play with your mind, so don’t worry too much about reading into every nook and cranny, because there are a LOT of places to get lost if you try that. (Turns out I was building my own peanut-butter spaceship. Don’t read too much into things, haha!) Get your debugger working. Find where things actually happen. Then, have patience and be methodical. Everything ending suddenly may be normal~