(From Darkfloyd and AlanH0) At the beginning, I put it in IDA Pro, and found out there is a if-then case for displaying the message. However, for better understanI simply reverse the .exe file with .NET reflector (http://reflector.red-gate.com/download.aspx?TreatAsUpdate=1) and find out that there is a condition of balancing two formula, it could display two different message boxes.  We simply write a simply python to bruteforce those variables. The source code is shown as below: def formula1(a,b,c): return ((a + (c*b) - c) + (a*a) * c) - b def formula2(x,y,z): return ((z * (34*y + 2*x)) + 7488) #(a + (c*b) - c) + (a*a) * c) == (z * (34y + 2x)) + 7488) && (x > 77)) for a in range(0,256): for b in range(0,256): for c in range(0,256): v1 = formula1(a,b,c) v2 = formula2(a,b,c) if (v1 == v2): print str(a) + " " + str(b) + " " + str(c) Finally, we have got the values of variables (89,233,144) and, we exchange the value position and got the key.  |
Blog & CTF Write-up >