Add files via upload

Author: Git-Logan

bin/win-bin-analysis/README.md

@@ -0,0 +1,25 @@
+# win-bin-analysis
+
+# Description
+* Find the key hidden in the windows executable files
+
+# Hint
+* exe's arent the only type of executable file
+
+# Difficulty
+* easy-medium
+
+# Solution
+```
+analyze the dll(not the exe) in ghidra, search for strings, find a bunch of strings that get outputed when the file is executed, get one of the strings, and decrypt using one of the strings as a key and one string saying the encryption algorithm
+``` 
+```
+flag-jctf{00g@_B000G@@_B1LL_G8S_wAs-H3Re}
+password-HKEY_CURRENT_USER
+encryption-AES(CBC)
+fakeFlag-njsctf{look-harder}
+encrypt-flag-U2FsdGVkX1+/+Gg+TT1OswZb7zJBF954sV9CPYr9yjuECuBh60j/qG3Kw4Hk9/l6fu5ibkYarZWNBByLBuGrYQ==
+```
+
+# Files Needed
+* winBinAnalysis.zip

bin/win-bin-analysis/challenge/winBinAnalysis.zip

@@ -0,0 +1,28 @@
+using System.Diagnostics;
+int coolfunction(string input)
+{
+    Process.Start("cmd.exe", "/K tree");
+    string output = "AES(CBC)"; //encyrption for key
+    return 2345325;
+}
+
+Process.Start("cmd.exe", "/K tree");
+Console.WriteLine($"You really shouldn't run exe's from people that you dont trust {Environment.UserName}");
+Console.WriteLine($"SENDING HKEY_CLASSES_ROOT/.386/PersistentHandler {Environment.NewLine}Date: {DateTime.Now:d} Time: {DateTime.Now:t}");
+coolfunction("sample text");
+var max = 87;
+var counter = -42;
+string encKey = "HKEY_CURRENT_USER"; //passowrd for key
+string words = "njsctf{look-harder}";
+for (int i = 0; i < max; i++)
+{
+    words = words + counter;
+    counter += 3;
+
+}
+
+Console.WriteLine($"{Environment.NewLine} {words} ");
+
+string realKey = "U2FsdGVkX1+/+Gg+TT1OswZb7zJBF954sV9CPYr9yjuECuBh60j/qG3Kw4Hk9/l6fu5ibkYarZWNBByLBuGrYQ=="; //solution for key encrypted
+
+Console.ReadLine();