Examining Programs Password.exe, One.exe, Two.exe, and Three.exe

Part 1: Details of Password.exe

Part 1: We are examining the program “Password.exe” which is available with this assignment.

1. The alignment for a section when the program is in memory is:

2. The alignment for a section in the file is:

3. What is the address of the first instruction which will be executed by the program when it is loaded in memory? (Note: IdaPro will start up at what it considers to be “main”. This is not the address I am looking for in this question!):

4. At what byte offset in the file is the instruction from the previous question?

5. The data section for this program is in the file at offset:

6. How many functions does the program import from “KERNEL32.DLL”:

7. The “.data” section occupies this number of bytes in the file:

8. The “.data” section occupies this number of bytes when the program is in memory:

9. The file contains a string at 0x36CC. What is the string?

10. What is the word “no” in Swahili? Don't just google it - tell me how you know based on the program.

11. What function call is made at 0x401823?

12. What is the value of Var_2C that will make the jump at 0x4018C2 actually jump?

13. What string is in memory at 0x4050CC?

14. Which case in the switch statement is handled at 0x401741?

15. According to IdaPro there is a section called “.eh_frame”. Find it. Now, according to PEbrousePro this section has a different name. IdaPro has renamed it (I don’t know why, in a hex editor it is clear that PEbrousePro is correct). What is the actual section name?
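Questions 1 to 5, 7 and 8 all come down to fields in the PE headers and to the difference between a section's layout on disk and in memory. The sketch below is an added example, not part of the assignment: it reads those fields from a PE32 header and converts the entry point to a file offset. The function names and the sample header bytes are constructed for illustration and do not come from any of the assignment's programs.

```python
import struct

def rva_to_offset(sections, rva):
    """Map an RVA to a file offset; None if the byte exists only in memory."""
    for vsize, va, rawsize, rawptr in sections.values():
        if va <= rva < va + rawsize:        # only bytes backed by the file
            return rva - va + rawptr
    return None

def parse_pe(data):
    """Read the PE32 header fields that describe file vs. memory layout."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24                                           # optional header
    magic, entry_rva = struct.unpack_from("<H14xI", data, opt)
    if magic != 0x10B:
        raise ValueError("only PE32 (magic 0x10B) is handled here")
    image_base, sect_align, file_align = struct.unpack_from("<III", data, opt + 28)
    sections = {}
    for i in range(nsec):                                   # 40-byte entries
        name, vsize, va, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", data, opt + opt_size + 40 * i)
        sections[name.rstrip(b"\0").decode("latin-1")] = (vsize, va, rawsize, rawptr)
    return {
        "section_alignment": sect_align,                    # in memory
        "file_alignment": file_align,                       # on disk
        "entry_va": image_base + entry_rva,
        "entry_offset": rva_to_offset(sections, entry_rva),
        "sections": sections,   # name -> (VirtualSize, RVA, SizeOfRawData, PointerToRawData)
    }

def build_sample():
    """Constructed PE32 headers for the demo; not one of the assignment files."""
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<HBB9I", 0x10B, 0, 0, 0, 0, 0, 0x1234, 0x1000, 0x2000,
                      0x400000, 0x1000, 0x200).ljust(0xE0, b"\0")
    sec = lambda n, vs, va, rs, rp: struct.pack("<8sIIII16x", n, vs, va, rs, rp)
    return dos + coff + opt + sec(b".text", 0x800, 0x1000, 0x800, 0x400) \
        + sec(b".data", 0x1500, 0x2000, 0x200, 0xC00)

if __name__ == "__main__":
    for key, value in parse_pe(build_sample()).items():
        print(key, value)
```

In the constructed sample the `.data` section is larger in memory than on disk, so an RVA past its raw data has no file offset and `rva_to_offset` returns `None`.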

Part 2: Using the same program “Password.exe”… This is 10 points.

16. What is the correct password? Explain with details (e.g. addresses) how you figured this out

Part 3: We are done with “Password.exe” and are now using the program “One.exe”… This is 10 points.

17. What is the answer? Provide me with five or six details about how you figured this out. (This one is very easy.)

Part 4: We are examining the program “Two.exe” which is available with this assignment. This is 10 points.

18. Years ago we had access to the super secret database “TOPFISH”. But the database administrator has died and all we are left with is this old crusty Windows program. Modify the program so that you have access and can enter the classified control area. Make the actual changes to the binary file. Describe what you did to the file and how you knew what to do.

Part 5: We are examining the program “Three.exe” which is available with this assignment. This question is 10 points.

19. The program needs to be “registered” (under “Help”, see “Register”). We could take some time and determine that the registration key must be 16 bytes, etc. But it’s just faster to just make it think that any registration key will work. Make the actual changes to the binary file. Describe what you did to the file and how you knew what to do.

Part 6: Continue with “Three.exe”. 

20. Tell me what the very first access to the Windows Registry was when this program was executed. I want the function name and the result. 
