XOR challenge

[Harava]

XOR challenge

I posted this before, but the thread to wich I replied got deleted. So here it is, my source code crackme:

Code:

#include <windows.h>

#pragma comment(linker, "/ENTRY:main")
#pragma comment(linker, "/DEFAULTLIB:kernel32")
#pragma comment(linker, "/MERGE:.rdata=.text")
#pragma comment(linker, "/DYNAMICBASE:NO")

char Input[11];
char Result[5];
HANDLE hIn;
HANDLE hOut;
DWORD dw;


bool Checker(char * Pass)
{
    __asm _emit 0xf8  __asm _emit 0x63  __asm _emit 0x46  __asm _emit 0x6d  __asm _emit 0xc3  __asm _emit 0x59  __asm _emit 0x30  __asm _emit 0x16
    __asm _emit 0x4b  __asm _emit 0xe9  __asm _emit 0x3b  __asm _emit 0x21  __asm _emit 0x07  __asm _emit 0x55  __asm _emit 0x5b  __asm _emit 0xe9
    __asm _emit 0x0c  __asm _emit 0x25  __asm _emit 0x07  __asm _emit 0x16  __asm _emit 0x40  __asm _emit 0x91  __asm _emit 0x00  __asm _emit 0x1f
    __asm _emit 0x2a  __asm _emit 0x23  __asm _emit 0x06  __asm _emit 0x0b  __asm _emit 0xc3  __asm _emit 0x58  __asm _emit 0x77  __asm _emit 0x08
    __asm _emit 0x14  __asm _emit 0x4f  __asm _emit 0x4c  __asm _emit 0x68  __asm _emit 0x76  __asm _emit 0x52  __asm _emit 0x42  __asm _emit 0xe3
    __asm _emit 0x3b  __asm _emit 0x65  __asm _emit 0x16  __asm _emit 0x55  __asm _emit 0x72  __asm _emit 0xe9  __asm _emit 0x0b  __asm _emit 0x64
    __asm _emit 0x2a  __asm _emit 0x55  __asm _emit 0x61  __asm _emit 0xe3  __asm _emit 0x3b  __asm _emit 0x2f  __asm _emit 0x54  __asm _emit 0x52
    __asm _emit 0x6d  __asm _emit 0xe3  __asm _emit 0x0c  __asm _emit 0x29  __asm _emit 0x02  __asm _emit 0x16  __asm _emit 0x7d  __asm _emit 0xe9
    __asm _emit 0x0b  __asm _emit 0x2d  __asm _emit 0x0a  __asm _emit 0x1c  __asm _emit 0x77  __asm _emit 0xd2  __asm _emit 0x68  __asm _emit 0xe3
    __asm _emit 0x41  __asm _emit 0xe0  __asm _emit 0xb7
    return false;
}
void CheckerEnd() {}

int main()
{
    DWORD StartAddr = (DWORD)&Checker;
    DWORD EndAddr = (DWORD)&CheckerEnd;
    DWORD oP;

    hIn = GetStdHandle(STD_INPUT_HANDLE);
    hOut = GetStdHandle(STD_OUTPUT_HANDLE);
    ReadConsoleA(hIn, Input, sizeof(Input), &dw, NULL);
    VirtualProtect((LPVOID)StartAddr, (EndAddr-StartAddr), PAGE_EXECUTE_READWRITE, &oP);

    for(DWORD n = StartAddr; n < EndAddr; n++)
       *(BYTE*)n ^= Input[(((n-StartAddr)*n*n)^n >> n)%10];

    __asm
    {
        push offset Input
        call Checker
        cmp al, 1
        je Yep
        jmp Nope
    }
    Yep:
    Result[0] = 'Y';
    Result[1] = 'e';
    Result[2] = 'a';
    Result[3] = 'h';
    Result[4] = '\0';
    WriteConsoleA(hOut, Result, sizeof(Result), &dw, NULL);
    return 0;
    Nope:
    Result[0] = 'N';
    Result[1] = 'o';
    Result[2] = 'p';
    Result[3] = 'e';
    Result[4] = '\0';
    WriteConsoleA(hOut, Result, sizeof(Result), &dw, NULL);
    return 0;
}

The goal is to figure out the correct password. I wish you luck!
If you have questions on how this was made / how it works, feel free to ask!

[MarkHC]

Code:

Result[0] = 'Y';
Result[1] = 'e';
Result[2] = 'a';
Result[3] = 'h';
Result[4] = '\0';
WriteConsoleA(hOut, Result, sizeof(Result), &dw, NULL);

Ugh...

Code:

Result = "Yeah";
WriteConsoleA(hOut, Result, sizeof(Result), &dw, NULL);

[Harava]

Ugh...

Code:

Result = "Yeah";
WriteConsoleA(hOut, Result, sizeof(Result), &dw, NULL);

Ugh what? You can't do Result = "Yeah". It's a C-string.
And since I don't have stdio.h included, I can't use strcpy either.

UGH

[MarkHC]

Ugh what? You can't do Result = "Yeah". It's a C-string.
And since I don't have stdio.h included, I can't use strcpy either.

UGH

Well... I just woke up and already went full retard. I think I'll go back to bed