Ponce
Ponce
Ponce
Ponce
Introduction
USAGE
Symbolic and Taint engines
Enable/Disable Ponce
Symbolize/Taint data
Solve conditions
Blacklisting library functions
Shortcuts
EXAMPLES
Symbolic engine
Taint engine
Negate & Inject
Negate, Inject & Restore
MISC
Ponce limitations
Building
FAQ
Debugging
Port to IDA version
Powered by GitBook

Negate & Inject

In the next gif we can see the use of automatic tainting and how we can negate a condition and inject it in memory while debugging:

  • We select the symbolic engine and set the option to symbolize argv.

  • We identify the condition that needs to be satisfied to win the crackMe.

  • We negate an inject the solution everytime a byte of our input is checked against the key.

  • Finally we get the key elite that has been injected in memory and therefore reach the Win code.

The crackme source code can be found here

crackmexor_negate_and_inject
EXAMPLES - Previous
Taint engine
Next - EXAMPLES
Negate, Inject & Restore
Last updated 11 months ago