A practical example of how to use Ghidra to attack a crackme
First, download the crackme from the MalwareTech site; the password to the archive is also MalwareTech.
So, let’s see what is in the archive. We see the executable file vm1.exe and dump file ram.bin. The explanation on the site says that we are dealing with an eight-bit virtual machine. The dump file is nothing more than a chunk of memory, in which random data and a flag that we need to find are interspersed. Let’s leave the dump file alone for a while and take a look at vm1.exe through the DiE program.