evaluator
August 7th, 2008, 00:54
heeyyii!
once browsed "crackmes.de", found LINUX crackme "grainne2";
& in my PPGirl-mind burn PPidea!
ELFz start @08048000h,
then why not to attach MZ_header with addr 08047000h !?!?
cracme has no imports, so it will able to load.. hihi!
but under debugger i see, it relies to stack(for discover LIB funk add)..
but i assumed this address as RET;(my guess: it does read & print on console)..
**what you thinQ:
should we investigate some project - ELF2EXE, which will more job,
like redirect imports MSVCRT(right bet?) via our loader!?
or such project already done? (hsit, did not search_before_posting)
--
PS. crackme itself is obvious, has same hardcoded KEY, as previous crackme..
once browsed "crackmes.de", found LINUX crackme "grainne2";
& in my PPGirl-mind burn PPidea!
ELFz start @08048000h,
then why not to attach MZ_header with addr 08047000h !?!?
cracme has no imports, so it will able to load.. hihi!
but under debugger i see, it relies to stack(for discover LIB funk add)..
but i assumed this address as RET;(my guess: it does read & print on console)..
**what you thinQ:
should we investigate some project - ELF2EXE, which will more job,
like redirect imports MSVCRT(right bet?) via our loader!?
or such project already done? (hsit, did not search_before_posting)
--
PS. crackme itself is obvious, has same hardcoded KEY, as previous crackme..