WEBVTT

1
00:00.140 --> 00:00.680
Welcome back.

2
00:00.680 --> 00:03.980
In this lesson, I'm going to show you how to bypass the encryption.

3
00:03.980 --> 00:07.280
We don't have to go and figure out how to decrypt it.

4
00:07.280 --> 00:09.230
So let's restart this program.

5
00:10.970 --> 00:19.070
And then now, let's put it here, and then we have a breakpoint, I believe.

6
00:19.070 --> 00:23.270
So we run to our breakpoint. Press G to graph it.

7
00:25.600 --> 00:32.500
Okay, so now we run to this point here, and then it asks for the password.

8
00:32.920 --> 00:33.250
Right.

9
00:33.250 --> 00:34.540
It's asking for password.

10
00:34.540 --> 00:38.050
Let's step away until this comes—this becomes into a running state.

11
00:39.550 --> 00:41.830
So let's move this step over.

12
00:42.310 --> 00:42.610
Okay.

13
00:42.610 --> 00:43.780
Now it's in the running state.

14
00:44.470 --> 00:46.210
This is now in the running state.

15
00:46.780 --> 00:50.410
We enter 123456789.

16
00:51.100 --> 00:52.090
And we hit Enter.

17
00:52.510 --> 00:55.330
Now let's go back to a pause state so we can step over.

18
01:00.290 --> 01:05.990
So we are going to—every time we see a comparison, we are going to reverse it.

19
01:05.990 --> 01:10.730
So in this case here, it is expecting this to be—all right, never mind.

20
01:10.730 --> 01:11.120
Never mind.

21
01:11.120 --> 01:11.960
This is just a loop.

22
01:11.960 --> 01:13.490
So we don't need to reverse this.

23
01:13.580 --> 01:17.150
We can break out of the loop by jumping over the loop.

24
01:17.360 --> 01:18.980
Select this part here.

25
01:19.460 --> 01:21.140
Debug, run until selection.

26
01:21.140 --> 01:21.920
We are out of the loop.

27
01:22.730 --> 01:23.930
Here's another loop.

28
01:23.930 --> 01:25.640
So we're going to bypass the loop.

29
01:26.660 --> 01:30.140
Select this, and then debug, run to selection.

30
01:30.140 --> 01:31.490
So we come out of the loop.

31
01:33.110 --> 01:35.360
Here is where the encryption is happening.

32
01:35.360 --> 01:41.000
So we're going to skip all the encryption until we come to our next compare.

33
01:41.000 --> 01:42.680
So look for compare.

34
01:43.460 --> 01:45.290
So there is no compare here.

35
01:46.400 --> 01:48.230
There is a compare here, okay.

36
01:48.440 --> 01:51.680
So this comparison will determine this move.

37
01:51.770 --> 01:56.330
So what we do is we will now

38
01:58.170 --> 01:59.850
run to this selection.

39
01:59.880 --> 02:00.390
Debug.

40
02:00.450 --> 02:01.830
Run to this selection.

41
02:03.120 --> 02:09.510
And then here we are going to check the comparison is

42
02:11.900 --> 02:13.010
comparing - with this memory address.

43
02:13.010 --> 02:18.170
Is zero equal to zero?

44
02:18.170 --> 02:19.160
Yes, it's zero.

45
02:19.160 --> 02:20.360
So it's a good thing.

46
02:23.840 --> 02:26.720
So because it is true, it is—

47
02:26.720 --> 02:27.950
these two are the same.

48
02:28.370 --> 02:29.870
Therefore, it will perform

49
02:29.870 --> 02:31.280
this. Is both.

50
02:31.730 --> 02:32.330
So let it move.

51
02:32.330 --> 02:33.350
It is okay.

52
02:34.370 --> 02:36.860
Now this comparison, are these two the same?

53
02:36.860 --> 02:38.180
No. One and 20.

54
02:38.210 --> 02:38.870
They are not the same.

55
02:38.870 --> 02:41.630
So the jump will happen.

56
02:41.810 --> 02:43.100
So we don't want it to jump.

57
02:44.180 --> 02:47.330
We toggle the flag so that it won't jump.

58
02:47.990 --> 02:54.080
Whenever a comparison fails that causes a jump, it means it's bad.

59
02:54.620 --> 02:55.820
So we don't want it to jump.

60
02:55.820 --> 02:58.730
So in this case, the comparison fails because they are not the same.

61
02:58.880 --> 03:00.440
So it's going to jump.

62
03:00.440 --> 03:01.640
So we don't want it to jump.

63
03:03.020 --> 03:04.730
We toggle the zero flag.

64
03:07.100 --> 03:08.090
So it's going straight.

65
03:11.060 --> 03:11.390
Again.

66
03:11.570 --> 03:12.500
Comparison.

67
03:12.770 --> 03:13.850
Comparison fails.

68
03:13.850 --> 03:15.410
One is zero, one is one.

69
03:16.430 --> 03:21.170
So that will cause this move to happen.

70
03:21.170 --> 03:24.440
Because this is a move, not equal.

71
03:24.440 --> 03:25.850
That means it's going to move this to this.

72
03:25.850 --> 03:26.540
So that's bad.

73
03:26.900 --> 03:31.670
So we toggle this to make it one so that it will not move.

74
03:35.430 --> 03:38.130
Another comparison is comparing these two.

75
03:38.130 --> 03:39.510
One is one, one is zero.

76
03:39.510 --> 03:40.590
Again, it's not the same.

77
03:40.590 --> 03:41.220
So it's bad.

78
03:43.830 --> 03:45.240
It's going to move this again.

79
03:45.240 --> 03:48.480
Toggle it again so it will move.

80
03:50.480 --> 03:51.440
Comparison.

81
03:51.650 --> 03:54.320
Comparison fails. It's going to jump.

82
03:54.920 --> 03:56.030
We don't want it to jump.

83
03:56.510 --> 03:58.520
So we are reversing the logic.

84
03:58.880 --> 04:00.200
So it's going to go straight.

85
04:03.590 --> 04:04.370
Comparison.

86
04:05.060 --> 04:06.080
This is good.

87
04:06.320 --> 04:06.830
See?

88
04:06.830 --> 04:07.520
One and one.

89
04:07.520 --> 04:08.420
So it's good.

90
04:08.720 --> 04:10.580
So in this case, it's not going to jump.

91
04:10.580 --> 04:11.660
It's going to go straight.

92
04:11.690 --> 04:12.710
Let it jump straight.

93
04:14.570 --> 04:16.220
Always stop at the comparisons.

94
04:16.880 --> 04:17.150
Okay.

95
04:17.150 --> 04:18.890
This comparison is good.

96
04:18.890 --> 04:19.910
Zero is zero.

97
04:20.630 --> 04:23.240
Therefore, this thing will not happen.

98
04:23.270 --> 04:25.640
See, zero flag is set, so it will not move.

99
04:25.640 --> 04:26.480
So that's good.

100
04:27.560 --> 04:29.240
This comparison fails.

101
04:29.240 --> 04:29.900
One is zero,

102
04:29.900 --> 04:32.090
one is one, which is bad.

103
04:32.930 --> 04:35.090
Therefore, this is going to happen.

104
04:35.090 --> 04:36.320
So we don't want it to happen.

105
04:36.890 --> 04:39.470
We toggle this so you go straight.

106
04:41.870 --> 04:44.240
This comparison is good.

107
04:44.270 --> 04:44.660
Zero,

108
04:44.660 --> 04:45.110
zero.

109
04:45.110 --> 04:45.680
Succeed.

110
04:47.960 --> 04:50.390
Therefore, this thing will not happen.

111
04:51.710 --> 04:52.280
Flag is set.

112
04:52.760 --> 04:54.350
It's not going to move.

113
04:56.690 --> 04:58.940
This comparison is good.

114
04:59.450 --> 05:00.290
Zero and zero.

115
05:00.380 --> 05:02.390
That means it's a successful comparison.

116
05:04.960 --> 05:08.080
Therefore, this will not happen because zero flag is set.

117
05:11.000 --> 05:13.010
This comparison is good.

118
05:13.040 --> 05:14.090
Zero and zero.

119
05:17.620 --> 05:21.520
This is not going to happen because zero flag is set, which is good.

120
05:23.170 --> 05:25.300
This comparison again is good.

121
05:25.300 --> 05:26.350
Zero and zero.

122
05:29.510 --> 05:31.940
So this is not going to happen, which is good.

123
05:31.970 --> 05:32.720
So the flag is set.

124
05:35.100 --> 05:37.380
This comparison is good again.

125
05:37.440 --> 05:38.310
Zero and zero.

126
05:38.310 --> 05:39.750
So it's not going to jump.

127
05:39.780 --> 05:40.770
It's going to go straight.

128
05:46.010 --> 05:48.650
This comparison is zero and one. It fails.

129
05:48.650 --> 05:49.700
So that's bad.

130
05:50.840 --> 05:52.400
So this is going to happen.

131
05:52.400 --> 05:53.510
We don't want this to happen.

132
05:53.510 --> 05:54.740
So we toggle the flag,

133
05:54.740 --> 05:57.020
so it won't—it will not move this.

134
05:59.200 --> 06:04.030
This comparison is—based on zero is not the same, so it's bad.

135
06:04.030 --> 06:07.240
So this move is going to happen.

136
06:07.240 --> 06:08.410
So we don't want it to happen.

137
06:08.410 --> 06:09.250
We toggle this.

138
06:09.250 --> 06:10.060
There you go straight.

139
06:13.260 --> 06:15.780
Now this comparison with zero and zero is good.

140
06:19.170 --> 06:23.310
This move will not happen because zero flag is set.

141
06:26.100 --> 06:28.110
Now this comparison is bad.

142
06:28.140 --> 06:29.880
One is zero, one is one, so it's bad.

143
06:30.480 --> 06:32.880
So because of that, this is going to move.

144
06:32.880 --> 06:33.690
This is going to happen.

145
06:33.690 --> 06:34.950
So we don't want it to happen.

146
06:35.340 --> 06:36.810
We reverse the zero flag.

147
06:38.940 --> 06:40.320
Now this comparison.

148
06:41.190 --> 06:42.840
This comparison is good.

149
06:42.870 --> 06:43.860
Zero and zero.

150
06:47.560 --> 06:48.670
This will not happen.

151
06:49.300 --> 06:50.410
So it's okay.

152
06:51.400 --> 06:53.230
This comparison is bad.

153
06:58.510 --> 07:00.970
So we have to reverse the logic here.

154
07:01.000 --> 07:01.660
Don't let it happen.

155
07:01.660 --> 07:02.440
Don't let it move.

156
07:05.580 --> 07:07.680
This comparison is good.

157
07:07.860 --> 07:08.910
Zero and zero.

158
07:10.530 --> 07:13.410
So we can continue because this will not happen.

159
07:13.470 --> 07:14.490
So we continue here.

160
07:14.970 --> 07:16.620
Now this is bad.

161
07:16.770 --> 07:17.550
One is zero,

162
07:17.550 --> 07:18.420
one is one.

163
07:19.680 --> 07:22.440
So we have to reverse this.

164
07:26.630 --> 07:29.060
This comparison is bad.

165
07:29.150 --> 07:29.720
One is zero,

166
07:29.720 --> 07:30.500
one is one.

167
07:32.630 --> 07:35.420
So we have to reverse this.

168
07:40.140 --> 07:41.730
This comparison is good.

169
07:45.240 --> 07:46.440
Nothing to do here.

170
07:48.360 --> 07:50.880
This comparison is good.

171
07:53.340 --> 07:54.960
So nothing to do here.

172
07:56.940 --> 07:58.920
This comparison is bad.

173
08:00.980 --> 08:02.960
So you have to reverse this.

174
08:08.090 --> 08:10.220
This comparison is good.

175
08:11.810 --> 08:13.670
So nothing to do here.

176
08:15.290 --> 08:18.170
This comparison is good also.

177
08:18.170 --> 08:20.690
So nothing to do here.

178
08:20.720 --> 08:21.590
Nothing to do.

179
08:21.680 --> 08:22.100
Leave it.

180
08:23.990 --> 08:26.030
This comparison is bad.

181
08:27.140 --> 08:28.820
So over here,

182
08:28.820 --> 08:30.080
we have to reverse this.

183
08:30.080 --> 08:31.100
Don't let it move.

184
08:34.280 --> 08:41.030
This comparison is bad, so we have to reverse this.

185
08:45.750 --> 08:48.930
This comparison is good.

186
08:52.440 --> 08:54.420
So nothing to do here.

187
08:56.520 --> 08:58.170
This comparison is good.

188
08:59.460 --> 09:00.660
Nothing to do here.

189
09:01.050 --> 09:03.960
This comparison is good.

190
09:04.140 --> 09:05.160
This comparison is bad.

191
09:05.190 --> 09:06.030
80 and zero.

192
09:06.030 --> 09:07.500
So its difference is bad.

193
09:08.310 --> 09:10.710
So we have to reverse this.

194
09:15.350 --> 09:17.240
This comparison is good.

195
09:20.120 --> 09:21.290
Nothing to do here.

196
09:21.890 --> 09:23.840
This comparison is good.

197
09:27.830 --> 09:29.180
Nothing to do here.

198
09:31.550 --> 09:33.110
This comparison is bad.

199
09:36.060 --> 09:37.500
You have to reverse this.

200
09:43.880 --> 09:45.440
This comparison is bad.

201
09:49.140 --> 09:50.910
So we have to reverse this.

202
09:55.990 --> 09:57.820
This comparison is good.

203
10:01.520 --> 10:02.750
You don't have to do anything.

204
10:04.520 --> 10:06.140
This comparison is bad.

205
10:07.280 --> 10:11.210
So we have to reverse this.

206
10:16.310 --> 10:18.620
This comparison is bad.

207
10:22.120 --> 10:24.340
So don't let this happen.

208
10:24.730 --> 10:25.780
Reverse this.

209
10:27.990 --> 10:31.650
This comparison is bad. One is zero, one is one, so it's bad.

210
10:33.060 --> 10:34.860
So this we have to reverse it.

211
10:41.560 --> 10:43.900
Now this comparison is good.

212
10:44.560 --> 10:46.690
So here,

213
10:46.720 --> 10:47.710
nothing to do.

214
10:50.170 --> 10:52.360
This comparison is bad.

215
10:53.200 --> 10:56.470
So we have to reverse this one.

216
11:01.700 --> 11:06.800
This comparison is bad, so we have to reverse this one.

217
11:12.250 --> 11:15.700
This comparison is good.

218
11:19.360 --> 11:20.770
Nothing to do here.

219
11:23.650 --> 11:28.150
This comparison is good.

220
11:30.750 --> 11:31.890
Nothing to do here.

221
11:32.700 --> 11:34.920
This comparison is good.

222
11:37.110 --> 11:38.160
Nothing to do here.

223
11:39.390 --> 11:43.050
This comparison is good.

224
11:48.260 --> 11:49.850
So nothing to do here.

225
11:51.740 --> 11:53.510
This comparison is good.

226
11:55.040 --> 11:56.330
Nothing to do here.

227
11:57.530 --> 11:59.540
This comparison is bad.

228
12:01.130 --> 12:03.500
So we have to disable this move.

229
12:07.020 --> 12:09.990
This comparison is good.

230
12:12.220 --> 12:13.240
Nothing to do here.

231
12:13.540 --> 12:15.730
This comparison is bad.

232
12:16.150 --> 12:18.970
So we have to remove and do this.

233
12:21.390 --> 12:24.300
This is the long way of bypassing the

234
12:24.810 --> 12:27.300
bypassing the encryption.

235
12:27.330 --> 12:29.310
Next lesson, I'll show you a shorter way.

236
12:29.310 --> 12:30.060
Just by patching.

237
12:30.060 --> 12:31.800
You can avoid doing all this.

238
12:31.950 --> 12:39.270
But now I just want to show you the principle of how to—how to analyze, analyze the comparisons.

239
12:40.020 --> 12:42.720
So in this case here, nothing to do.

240
12:42.750 --> 12:43.980
We have already reversed that.

241
12:44.490 --> 12:45.510
We already reversed it.

242
12:47.760 --> 12:48.600
This comparison.

243
12:48.600 --> 12:51.180
Make sure you click on the comparison to see the result here.

244
12:51.690 --> 12:53.070
Now this comparison is bad.

245
12:53.520 --> 12:57.330
So here we have to reverse the logic.

246
13:00.870 --> 13:02.940
This comparison is bad.

247
13:06.710 --> 13:09.230
So here if we reverse this.

248
13:12.610 --> 13:14.500
And this comparison is bad.

249
13:15.820 --> 13:18.880
So we have to reverse this.

250
13:22.840 --> 13:24.730
And finally, this one.

251
13:24.970 --> 13:26.260
This comparison is bad.

252
13:27.370 --> 13:31.870
So we have to reverse this.

253
13:33.900 --> 13:35.280
And next one.

254
13:36.330 --> 13:38.730
This comparison is good.

255
13:38.760 --> 13:39.480
Nothing to do.

256
13:43.630 --> 13:45.100
So nothing to do here.

257
13:47.470 --> 13:49.120
Finally, the last comparison.

258
13:49.660 --> 13:53.770
And you find the last comparison automatically becomes good.

259
13:53.860 --> 13:55.570
38 is 38, right?

260
13:56.080 --> 13:58.510
So because it is 38,

261
13:59.020 --> 14:01.270
therefore, this will not happen.

262
14:03.440 --> 14:04.460
This will not happen.

263
14:06.140 --> 14:07.700
So it will not move

264
14:08.240 --> 14:10.730
the bad message into -.

265
14:11.750 --> 14:16.850
See that they want to move this - because the comparison here failed.

266
14:17.720 --> 14:25.130
It was not a date, but because we—we analyze all the compares and undo the logic,

267
14:25.490 --> 14:28.460
now automatically it becomes 38.

268
14:28.850 --> 14:31.430
So this is how you can bypass the decryption.

269
14:31.490 --> 14:33.530
No need to do the encryption and decryption.

270
14:33.530 --> 14:37.700
You just have to analyze the compares and reverse all the logic.

271
14:37.760 --> 14:41.450
So this is a long way of bypassing the decryption.

272
14:41.840 --> 14:42.290
Right.

273
14:42.290 --> 14:44.000
Next lesson, I will show you a shorter way.

274
14:45.170 --> 14:45.350
Okay.

275
14:45.350 --> 14:50.030
So now it's not going to move, right, because the zero flag is set.

276
14:50.390 --> 14:53.420
And so now when you step over this, watch the output.

277
14:55.300 --> 14:55.930
Thanks.

278
14:55.930 --> 14:58.810
Bobby is now cured, even though he entered the wrong password.

279
14:59.380 --> 15:07.390
Okay, so that's how we can bypass encryption and decryption just by doing comparisons,

280
15:07.390 --> 15:10.420
by analyzing the comparisons and reversing the logic.

281
15:10.630 --> 15:14.950
Remember, every time there is a comparison, it means that it's expecting the two values to be the

282
15:14.950 --> 15:15.610
same.

283
15:16.030 --> 15:23.320
And anytime the two values are not the same, it will affect the subsequent instruction, which

284
15:23.320 --> 15:24.760
depends on the comparison.

285
15:24.760 --> 15:27.790
So you have to reverse that instruction.

286
15:27.790 --> 15:28.870
That's what we are doing.

287
15:28.870 --> 15:32.500
So this is how you can—you can bypass the encryption.

288
15:33.400 --> 15:33.760
All right.

289
15:33.760 --> 15:36.490
So that's all for this video. I'll see you in the next one.

290
15:36.490 --> 15:37.780
Thank you for watching.