Skip to main content

Malwarebytes CrackMe 2: try another challenge

Last November, we released the first edition of the Malwarebytes CrackMe. Encouraged by the positive response we received from the security community, we decided to repeat the game, hopefully making it even more interesting and entertaining.

As before, the CrackMe is dedicated to malware analysts and to those who want to practice becoming them. That's why it is not just a set of some abstract riddles, but an exercise that walks through selected tricks that were used in real malware. (Expect some original schemes designed just for this game, too.)

Of course, all is demonstrated on harmless examples, but we still recommend you use VM for reversing it so that it will not interfere with any antivirus protection.

Rules of the contest

There are two CrackMe contests:

  1. Capture the flag. The first three submitted flags win. The flag should be submitted along with (minimalistic) notes about the steps taken to find it. (No detailed write-up is required.)
  2. Best write-up. The write-up will be judged by its educational value, clarity, and accuracy. The author should show his/her method of solving the CrackMe, as well as their level of understanding of the techniques used. The write-up submission contest closes three weeks after capture the flag.

Submissions to both contests should be sent to my Twitter account: @hasherezade. Each of the four winners will get a prize: a book of his/her choice and some Malwarebytes swag.

At the end of the contest, I will publish my own solution, made from the point of view of author. All the submitted write-ups will be linked.

Asking questions

I want the contest to be fair to everyone, so I will not be answering any questions in private. However, if you are stuck, please don't hesitate to post your question in the comments section of this post, and I will answer as soon as possible. The questions can be also answered by other participants. Giving false clues or teasing beginners will result in a ban—please respect fair play.

The application

The application is a Windows executable. It was tested on Windows 7 and above.

You can download it here.

Have fun!

The post Malwarebytes CrackMe 2: try another challenge appeared first on Malwarebytes Labs.



from Malwarebytes Labs full article here

Popular posts from this blog

Malwarebytes CrackMe 2: contest summary

About three weeks ago, we published our second CrackMe . It triggered a lot of interest, and we got many high-quality write-ups. Choosing the winner was really difficult! In this post, I am going to summarize the contest and comment on the received submissions. CrackMe 2 challenge The topic of the challenge was Python, and its goal was to teach how the Python scripts can be packaged and integrated with native executables. The involved Python script was not obfuscated, and the user was supposed to adapt it for the purpose of finding the solution. The CrackMe was made of three components, cooperating with each other: a Python script (converted to EXE with the help of PyInstaller) a native DLL, loaded with the help of the above script a Python script unpacked by the DLL and injected into Actxproxy.dll In the first level, the user was supposed to find a valid PIN to decode a URL, from which the next level was downloaded. The next level was a native DLL that was inject...
Read more

BlackArch Linux - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. It contains over 1800 security and hacking tools. Here is the complete list of tools in the BlackArch Linux: 0d1n : Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0trace :  A hop enumeration tool. 3proxy : Tiny free proxy server. 3proxy-win32 : Tiny free proxy server. 42zip : Recursive Zip archive bomb. a2sv : Auto Scanning to SSL Vulnerability. abcd : ActionScript ByteCode Disassembler. acccheck : A password dictionary attack tool that targets windows authentication via the SMB protocol. ace : Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface ad-ldap-enum : A LDAP based Active Directory user and grou...
Read more