WEBVTT

1
00:01.740 --> 00:03.060
Welcome back. In this,

2
00:03.060 --> 00:10.230
in this video, we are going to patch the file to show the good message no matter what the password is.

3
00:10.230 --> 00:11.970
So I hope you have tried that.

4
00:12.150 --> 00:12.930
Let's begin.

5
00:13.500 --> 00:22.500
So I'm going to restart this and run to the first breakpoint, and just step over until I come to this,

6
00:22.500 --> 00:30.930
uh, read, uh, password function, step over it, and then I will just enter any wrong password.

7
00:32.490 --> 00:35.700
1, 2, 3, 4, 5, 6, 7, 8, 9, hit Enter.

8
00:35.970 --> 00:37.590
And then over here.

9
00:37.590 --> 00:40.950
Now we can graph this. Right-click and graph it.

10
00:41.580 --> 00:45.360
And you can see, uh, there are many ways to solve this.

11
00:46.440 --> 00:47.220
We're going to come here.

12
00:47.220 --> 00:52.080
Now one way to solve it is to just reverse the jump.

13
00:52.080 --> 00:56.670
That means assemble a JG, jump equal.

14
00:56.670 --> 01:01.740
That will reverse the logic so that no matter when you enter the wrong password, it will always go

15
01:01.740 --> 01:04.350
to the right and show you "nice job, password found."

16
01:05.340 --> 01:12.450
But if you did it that way, then if you enter the right password, uh, it will go and say "wrong password."

17
01:12.570 --> 01:16.380
So it's just reversing the logic, okay.

18
01:16.470 --> 01:21.150
And another way, easier way to do it, is to NOP this.

19
01:21.150 --> 01:25.770
When you NOP this, you will always go to the right because this jump will never happen.

20
01:25.770 --> 01:27.510
So we're going to try a NOP.

21
01:27.750 --> 01:31.500
So just right-click this and just put a comment there.

22
01:31.500 --> 01:32.940
I'm just going to put the comment there.

23
01:33.900 --> 01:35.160
Uh, NOP this.

24
01:38.170 --> 01:38.830
Okay.

25
01:39.460 --> 01:40.690
And then here.

26
01:40.780 --> 01:41.590
Uh, refresh.

27
01:41.590 --> 01:42.670
You see the NOP?

28
01:44.170 --> 01:44.800
There you go.

29
01:44.920 --> 01:47.290
Right-click and follow in disassembler.

30
01:47.470 --> 01:51.580
And this is the one you're going to NOP.

31
01:51.790 --> 01:55.840
So you can just right-click, binary, fill with NOPs, click okay.

32
01:56.050 --> 01:57.340
And then you can patch it.

33
02:00.280 --> 02:03.340
Patch it and give it a name.

34
02:04.600 --> 02:06.640
Call this, uh, dash 2.

35
02:09.520 --> 02:10.000
Okay?

36
02:10.000 --> 02:13.870
And now we're going to try our patch with just any wrong password.

37
02:16.300 --> 02:17.560
And you see this, "nice job,

38
02:17.560 --> 02:18.220
password found."

39
02:18.250 --> 02:19.420
So it's that simple.

40
02:19.570 --> 02:21.190
There is more than one way to solve this.

41
02:21.190 --> 02:28.750
Of course, instead of doing this, you could have gone inside this call, and then, um, you can just

42
02:28.750 --> 02:39.070
graph this and see, you know, you can just somehow, um, at the bottom here, you can reverse some

43
02:39.070 --> 02:39.610
jumps.

44
02:40.150 --> 02:49.090
Now, for example, all this, you can set some value to, uh, -, make it 1, for example.

45
02:50.230 --> 02:54.280
Or you can OR - also possible, might be possible.

46
02:55.210 --> 02:55.600
All right.

47
02:55.600 --> 03:02.080
So there's more than one way to actually solve this problem, this, uh, crackme.

48
03:02.740 --> 03:05.830
You might also explore maybe reversing some jumps here.

49
03:06.220 --> 03:07.900
So there's many ways you can do it.

50
03:07.900 --> 03:10.060
So I leave that to you as an exercise.

51
03:10.330 --> 03:16.930
So that's all for this video on how to patch the program to always show the good message, no matter

52
03:16.930 --> 03:18.610
what your password is.

53
03:19.180 --> 03:19.840
That's all.

54
03:19.840 --> 03:20.650
I'll see you then.

55
03:20.650 --> 03:21.970
Thank you for watching.