Ponce
Search…
Ponce
Introduction
USAGE
Symbolic and Taint engines
Enable/Disable Ponce
Symbolize/Taint data
Solve conditions
Blacklisting library functions
Shortcuts
EXAMPLES
Symbolic engine
Taint engine
Negate & Inject
Negate, Inject & Restore
MISC
Ponce limitations
Building
FAQ
Debugging
Port to IDA version
Powered By GitBook
Negate & Inject
In the next gif we can see the use of automatic tainting and how we can negate a condition and inject it in memory while debugging:
  • We select the symbolic engine and set the option to symbolize argv.
  • We identify the condition that needs to be satisfied to win the crackMe.
  • We negate an inject the solution everytime a byte of our input is checked against the key.
  • Finally we get the key elite that has been injected in memory and therefore reach the Win code.
The crackme source code can be found here
crackmexor_negate_and_inject
EXAMPLES - Previous
Taint engine
Next - EXAMPLES
Negate, Inject & Restore
Last modified 2yr ago
Copy link