Ponce
Search…
Ponce
Introduction
USAGE
Symbolic and Taint engines
Enable/Disable Ponce
Symbolize/Taint data
Solve conditions
Blacklisting library functions
Shortcuts
EXAMPLES
Symbolic engine
Taint engine
Negate & Inject
Negate, Inject & Restore
MISC
Ponce limitations
Building
FAQ
Debugging
Port to IDA version
Powered By
GitBook
Negate & Inject
In the next gif we can see the use of automatic tainting and how we can negate a condition and inject it in memory while debugging:
We select the symbolic engine and set the option to symbolize
argv
.
We identify the condition that needs to be satisfied to win the crackMe.
We negate an inject the solution everytime a byte of our input is checked against the key.
Finally we get the key
elite
that has been injected in memory and therefore reach the
Win
code.
The crackme source code can be found
here
crackmexor_negate_and_inject
EXAMPLES - Previous
Taint engine
Next - EXAMPLES
Negate, Inject & Restore
Last modified
1yr ago
Copy link