- Name - A Strong Feeling
- Category - Reverse Engineering
- Points - 80
- Description - Do you think you could defeat this password checker for us? It's making me real pissed off!
- Binary - Download here
Running the 64-bit ELF and giving it "some_random_input" as the input string:
root@kali: ~/Desktop
root@kali:~/Desktop# ./a_strong_feeling
some_random_input
Haxx0r ipsum gurfle deadlock exception ctl-c continue Dennis Ritchie.
root@kali:~/Desktop#
Running the binary does not reveal anything about the expected input. Loading it in IDA, we're faced with a very complicated graph depicting the main function:
We notice that the last row of instruction blocks is predominantly made up of 2 different type of blocks. An example of each follows:
The red block outputs the Haxx0r message we got earlier whereas the green block contains a compare instruction for each of the characters in our input. Simply put, avoid the boxes with a call _printf instruction. This is done by providing the right character at each compare statement. If the comparison fails, we end up in a bad instruction block at the next round.
Putting breakpoints at each of the compare statements and noting the comparison character at each round, we end up with the flag:
root@kali: ~/Desktop
root@kali:~/Desktop# ./a_strong_feeling
IceCTF{pip_install_angr}
Wooooohoooo!
root@kali:~/Desktop#
No comments:
Post a Comment