3. oktober 2017

How to crack any XOR'ed file using XOR Cracker online tool


Today, I'm going to show you how to crack XOR file using an online tool and to show you that XOR is not a good protection. This tutorial is also useful for malware/security researcher

It's very easy to find out if file is XOR'ed or not. Just open the file in hex editor and you can see the same bytes is filled. In my example, the .dll file was filled with FF


and other example found from the internet is the file is filled with EC E6 DC 7F DC E7 DF E0


Visit https://wiremask.eu/tools/xor-cracker/ and drop the file. The online tool will crack the XOR'ed file for you. Download decrypted file that matches the XOR bytes. In my example, it's FF


Open the download file with hex editor again. Congrats you cracked the XOR'ed file

Credits:
iAndroHacker (tutorial)

Wiremask (online tool)

0 kommentarer:

Send en kommentar