Vba Password Bypasser 47 Crack [REPACK]
Vba Password Bypasser 47 Crack
this is a simple web challenge with some hidden characters. the challenge is to download two html files from the challenge. the two files have embedded base64 and are actually concatenated with some text.
a,b,c,d… i’ve got all kinds of long names to go through for when i do a reversingbypasser. this is the cookie saga, which i’ve written all about before, and you can read more about that here. but the lesson i learned in all those posts is never stop improving, and there’s a lot to improve on this one. being somewhat of a lazy person, or more of an accident prone, this one is a bit different.
this is a reverse of my arc section. the cookie saga was a time when i was pretty good at reverse engineering, and i branched out into more types of reversing, and that was fun, but not as fruitful as this one. i went from a cookie exploit to user session information, to a active directory password brute forcing in which i got an easily-guessed password, and then somewhere along the line i went from that to a phishing attack. i definitely learned a lot, and its a fun challenge, so i’m going to go through that story one more time.
pompom had a phishing attack against an email client. when you run into this, you usually have a few options: go to the url directly, check if its a drive-by, patch the exploit, or take a different approach. i went into some detail on how to do that last time, and this time i’m going to do it again, but with some new details in the process. first of all, i found the attack using my usual custom cms, soapui. i realized that it probably wasn’t the email target i had been led to believe it was, and it also didn’t make a lot of sense. i found a phishing website with a shady url and got it to deliver a word document using java and the server. i found a word macro that embedded a vba macro which generated a http request and called it. this is the thing that i thought was some drive-by, and my first attempt at counter-attacking was to see if the request was in the network traffic. it was. so my next step was to see if the response was all plain-text.