# General

Given file type and tools for reverse:

| File type       | Tools                                |
| --------------- | ------------------------------------ |
| EXE, DLL        | IDA Free, x32dbg, strings, UPX, PEID |
| EXE, DLL (.NET) | DnSpy, DE4dot, open-source unpacker  |
| APK, DEX        | Android Simulator, JADX, GDA         |
| ELF             | IDA Free, GDB-Peda, EDB              |

Tools for malware analysis:

1. Malware analysis = <https://fareedfauzi.github.io/2022/08/08/Malware-analysis-cheatsheet.html>
2. Maldoc refer = <https://fareedfauzi.github.io/2022/08/08/Malware-analysis-cheatsheet.html>

Questions example:

* Sharppanda malware
* .net + de4dot
* Maldoc (template injection) with Sandbox
* Fileless powershell
* ELF
* JS malware
* EXE
* Threat intel involve Censys
* Dex file APK

## Crackme

```
#include <stdio.h>
#include <string.h>

int main() {
    char password[20];
    printf("Welcome to the Crack Me challenge!\n");
    printf("Please enter the password: ");
    scanf("%s", password);
    if (strcmp(password, "abc123") == 0) {
        printf("Congratulations! You have successfully cracked the password.\n");
    } else {
        printf("Sorry, the password you entered is incorrect.\n");
    }
    return 0;
}

```

```
#include <stdio.h>

int main() {
    int password;

    printf("Welcome to the Crack Me challenge!\n");
    printf("Please enter the password (a 4-digit number): ");
    scanf("%d", &password);

    if (password == 1234) {
        printf("Congratulations! You have successfully cracked the password.\n");
    } else {
        printf("Sorry, the password you entered is incorrect.\n");
    }

    return 0;
}

```

```
#include <stdio.h>
#include <string.h>

#define BUFFER_SIZE 50

void encrypt(char* message, int key) {
    int msgLen = strlen(message);
    for (int i = 0; i < msgLen; ++i) {
        message[i] = message[i] ^ key;
    }
}

int main() {
    char password[BUFFER_SIZE];
    printf("Welcome to the Crack Me challenge!\n");
    printf("Please enter the password: ");
    scanf("%49s", password); // Limiting input length to the buffer size - 1
    encrypt(password, 0xF);
    if (strcmp(password, "li{{|t}jyj}|jpi`}|par") == 0) {
        printf("Congratulations! You have successfully cracked the password.\n");
    } else {
        printf("Sorry, the password you entered is incorrect.\n");
    }
    return 0;
}

```

```
#include <stdio.h>
#include <string.h>

void reverseString(char* str) {
    int i, j;
    char temp;
    for (i = 0, j = strlen(str) - 1; i < j; i++, j--) {
        temp = str[i];
        str[i] = str[j];
        str[j] = temp;
    }
}

int main() {
    char secret[] = "rofgnikooluoygalfehtsiisthistragnoC";
    char userInput[50];
    printf("Welcome to the Reverse Engineering challenge!\n");
    printf("Please enter a string: ");
    scanf("%49s", userInput); // Limiting input length to the buffer size - 1
    reverseString(userInput);
    if (strcmp(userInput, secret) == 0) {
        printf("Congratulations! You have found the secret string.\n");
    } else {
        printf("Sorry, the string you entered is incorrect.\n");
    }
    return 0;
}

```