Sunday, March 3, 2013

Nullcon 2013 BattleUnderground - Reverse Engineering Question 2 Write up

In this level, we were provided with a file called sample2.exe. It is a PE32 packed with UPX.

I used FUU to unpack it, but when I executed the unpacked file, the following error message appeared:

"Unable to open the script file."
I loaded the unpacked file in OllyDbg and saw some string references to "AutoIt", so I remembered an AutoIt crackme from 2005 that I had solved. At that time I used Aut2Exe v3, but it did not work this time. So I searched for another AutoIt decompiler and found exe2aut, which worked fine.

I loaded the sample2.exe into exe2aut and this was the result:

$key = "ZjlmMGMyOTZmYzA5OTNlNDMwMDkwYjY5NWI2M2ZhYTQ="
MsgBox(64, "[MSG]", "Much simpler than that")
The value in $key looks like a base64-encoded string (the trailing "=" padding and the alphabet give it away). Decoding it in a Python 2 shell gave us the flag:

>>> "ZjlmMGMyOTZmYzA5OTNlNDMwMDkwYjY5NWI2M2ZhYTQ=".decode("base64")
'f9f0c296fc0993e430090b695b63faa4'
The flag was: f9f0c296fc0993e430090b695b63faa4
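The whole level boils down to three checks on a string dump of the binary: is it UPX packed, does it embed a compiled AutoIt script, and does it carry a base64 blob that decodes to something readable. The script below is an added example written for this write-up, not code from the challenge or from any of the tools mentioned above. It assumes the standard markers these tools look for (UPX renames PE sections to UPX0/UPX1 and writes a "UPX!" header; AutoIt3 compiled scripts carry the "AU3!EA06" marker in front of the script blob) and runs on a constructed stand-in for sample2.exe rather than the real file.

```python
import base64
import re

# Markers written by the UPX packer and by the AutoIt3 compiler (assumption:
# these are the same markers that unpackers and Exe2Aut-style decompilers key on).
UPX_MARKERS = (b"UPX0", b"UPX1", b"UPX!")
AUTOIT_MARKERS = (b"AU3!EA06", b"AutoIt")

# Candidate base64 blobs: a run of at least 16 alphabet characters with
# optional "=" padding, not glued to other base64 characters on either side.
B64_RE = re.compile(rb"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{16,}={0,2}(?![A-Za-z0-9+/=])")
HEX32_RE = re.compile(r"^[0-9a-f]{32}$")


def triage(data: bytes) -> dict:
    """Cheap string-based triage: UPX packed? Embedded AutoIt script?"""
    return {
        "upx": any(m in data for m in UPX_MARKERS),
        "autoit": any(m in data for m in AUTOIT_MARKERS),
    }


def find_base64(data: bytes) -> list:
    """Return (encoded, decoded) pairs for base64 blobs that decode to printable ASCII."""
    hits = []
    for m in B64_RE.finditer(data):
        token = m.group(0)
        # A base64 body whose length is 1 mod 4 can never be valid; skip early.
        if len(token.rstrip(b"=")) % 4 == 1:
            continue
        padded = token + b"=" * (-len(token) % 4)  # repair stripped padding
        try:
            raw = base64.b64decode(padded, validate=True)  # reject non-alphabet bytes
            text = raw.decode("ascii")
        except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
            continue
        if text.isprintable():
            hits.append((token.decode("ascii"), text))
    return hits


def looks_like_md5(text: str) -> bool:
    """CTF flags are often 32 lowercase hex digits (MD5-shaped), as in this level."""
    return bool(HEX32_RE.match(text))


# Constructed stand-in for sample2.exe (NOT the real binary): just enough bytes
# to carry the markers and the script text that a strings dump would show.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 60
    + b"UPX0\x00\x00\x00\x00UPX1\x00\x00\x00\x00"
    + b"Unable to open the script file.\x00"
    + b"AU3!EA06"
    + b'$key = "ZjlmMGMyOTZmYzA5OTNlNDMwMDkwYjY5NWI2M2ZhYTQ="\r\n'
    + b'MsgBox(64, "[MSG]", "Much simpler than that")\r\n'
)

if __name__ == "__main__":
    print(triage(SAMPLE))
    for encoded, decoded in find_base64(SAMPLE):
        tag = " <- flag candidate" if looks_like_md5(decoded) else ""
        print(f"{encoded} -> {decoded}{tag}")
```

On the real file you would run `triage()` on the packed sample first (it reports UPX, so unpack), then `find_base64()` on the unpacked image or on the decompiled .au3 source; the regex deliberately requires a minimum length and round-trips through `validate=True` so that ordinary identifiers are not reported as false positives.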
