Friday, July 2, 2010

Little Cracking Tutorial

Hey Guys ,

After finishing my exams , i decided to make a little program that asks the user for a valid password to crack it .
Well , here are the program codes ::>

When you execute the program , and feed it with a wrong guess password , it will give u this message::>
Excellent , so now we know that the program scan our input and check if it is the right password or no.

Let's play more deeper , we will open it within a debugger ( i'm using immunity , but you can use your favorite one ) :
 Now , we are going to search for all text and strings in the program hopefully to find something useful :
We will find that there are many strings , we will play with the known one which is " Enter your password: " :
Now , double click on the string that we have chosen , we should notice that we will land on an area full of instructions with some jumbs that i will talk about it later on :
If we looked deeper , we will notice ( with a basic knowledge in assembly ) the instruction of the test case , it tests if the user input will be equal the string or not , if it is , the zero flag ( ZF ) will be equal to 0 and if it is not it will be equal to 1 , after that , we should notice also the JNZ instruction ::>
This instruction made the execution flow goes to the message ( Sorry, wrong Guess ) which belong to the address ( 0040136D ) , so now we need the program to take our password and tell us that this is a right guess password , we have to choices we can do here , the first is that we can change the jump if not zero instruction to jump if zero ( JZ ) , and the second one is that we can change the address of the message ,
so instead of jumping to ( Sorry , wrong guess ) , it will jump to ( Nice guess ) and of course all that in the case where we entered a wrong password so the zero flag will be equal to 1 ::>
Of course , you should have noticed that the address of the other message is 0040135F , now if we saved our work and launched the program and feed it with any wrong password it will give us ::>
Ok , now and after we cracked that little program , there is a great site that anyone can practice his cracking skills , .
PS: You can make a stack overflow in that program by filling the password by a very big number of strings ( more than 500 ) .