Challenge Description : Just one byte makes all the difference. a-byte Diberikan sebuah file bernama a-byte, dengan menggunakan IDA, saya melakukan disassemble terhadap fungsi main-nya dan melihat pseudocode dari file tersebut. Dari function main tersebut, terlihat bahwa input yang di-inginkan merupakan string dengan panjang karakter sebanyak 35 karakter seperti gambar berikut : dari gambar tersebut, dapat […]
Category: Reverse Engineering
[Cyber Jawara 2019 Qualification] – newbie.exe
Diberikan sebuah file exe, yang ketika dibuka oleh IDA, hanya berisi sedikit code simple seperti dibawah ini: Dalam code tersebut didapatkan flow bahwa program meminta sebuah input yang kemudian disimpan dalam variable s, lalu dilakukan iterasi sebanyak panjang variabel s, dan dikalikan dengan value 8. Setelah itu di cocokan dengan value dalam array num. Dalam […]
[OtterCTF 2018] – MsgMeThis
Challenge Description : Rick created another vicious program. Could you get the correct flag? MsgMeThis.exe Diberikan sebuah file bernama MsgMeThis.exe, pertama-tama kita melakukan check terhadap tipe file nyakemudian, kita bisa mencoba untuk mencari strings di dalam file tersebut menggunakan fungsi strings. Untuk memudahkan, kita bisa menggunakan egrep untuk mengeluarkan string dengan kata kunci tertentu seperti […]
[BCACTF19] – basic-pass-1
Challenge Description : Your company is testing out a new login software, and being one of the CompSec experts, they want you to test it. They say that they have hidden a key somewhere in the program, and want you to look for it. Find it, and they might even consider giving you a pay […]
[Cyber Jawara 2019 Qualification] – Haseul
Kita di berikan sebuah file ELF 64bit yang dapat kalian download disini Kita coba buka file tersebut dengan IDA Pro 64bit
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
signed __int64 __fastcall main(int a1, char **a2, char **a3) { int v4; // eax int v5; // [rsp+1Ch] [rbp-14h] signed int i; // [rsp+20h] [rbp-10h] signed int j; // [rsp+24h] [rbp-Ch] char *s; // [rsp+28h] [rbp-8h] if ( a1 != 2 ) return 1LL; s = a2[1]; if ( strlen(a2[1]) != 34 ) return 1LL; v5 = 0; for ( i = 0; i < 33; ++i ) { for ( j = 1; j < 34; ++j ) { v4 = v5++; if ( s[i] + s[j] != byte_8A0[v4] ) { puts("nope!"); return 1LL; } } } printf("CJ2019{%s}\n", s, a2); return 0LL; } |
Dari algoritma diatas, string tersebut dibandingkan dengan sesuatu yang ada di dalam byte_8A0
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 |
.rodata:00000000000008A0 byte_8A0 db 0A9h, 0EEh, 0D8h, 0DCh, 0DAh, 0E7h, 0D8h, 0ECh, 0A9h .rodata:00000000000008A0 ; DATA XREF: main+9E↑o .rodata:00000000000008A0 db 0E5h, 0EFh, 0DEh, 0D8h, 0EDh, 0E1h, 0E2h, 0AEh, 0D8h .rodata:00000000000008A0 db 0DEh, 0DAh, 0AEh, 0E2h, 0E5h, 0F2h, 0D8h, 0EEh, 0ECh .rodata:00000000000008A0 db 0E2h, 0E7h, 0B2h, 0D8h, 0D3h, 0ACh, 60h, 0A5h, 8Fh .rodata:00000000000008A0 db 93h, 91h, 9Eh, 8Fh, 0A3h, 60h, 9Ch, 0A6h, 95h, 8Fh .rodata:00000000000008A0 db 0A4h, 98h, 99h, 65h, 8Fh, 95h, 91h, 65h, 99h, 9Ch, 0A9h .rodata:00000000000008A0 db 8Fh, 0A5h, 0A3h, 99h, 9Eh, 69h, 8Fh, 8Ah, 63h, 0A5h .rodata:00000000000008A0 db 0EAh, 0D4h, 0D8h, 0D6h, 0E3h, 0D4h, 0E8h, 0A5h, 0E1h .rodata:00000000000008A0 db 0EBh, 0DAh, 0D4h, 0E9h, 0DDh, 0DEh, 0AAh, 0D4h, 0DAh .rodata:00000000000008A0 db 0D6h, 0AAh, 0DEh, 0E1h, 0EEh, 0D4h, 0EAh, 0E8h, 0DEh .rodata:00000000000008A0 db 0E3h, 0AEh, 0D4h, 0CFh, 0A8h, 8Fh, 0D4h, 0BEh, 0C2h .rodata:00000000000008A0 db 0C0h, 0CDh, 0BEh, 0D2h, 8Fh, 0CBh, 0D5h, 0C4h, 0BEh .rodata:00000000000008A0 db 0D3h, 0C7h, 0C8h, 94h, 0BEh, 0C4h, 0C0h, 94h, 0C8h .rodata:00000000000008A0 db 0CBh, 0D8h, 0BEh, 0D4h, 0D2h, 0C8h, 0CDh, 98h, 0BEh .rodata:00000000000008A0 db 0B9h, 92h, 93h, 0D8h, 0C2h, 0C6h, 0C4h, 0D1h, 0C2h .rodata:00000000000008A0 db 0D6h, 93h, 0CFh, 0D9h, 0C8h, 0C2h, 0D7h, 0CBh, 0CCh .rodata:00000000000008A0 db 98h, 0C2h, 0C8h, 0C4h, 98h, 0CCh, 0CFh, 0DCh, 0C2h .rodata:00000000000008A0 db 0D8h, 0D6h, 0CCh, 0D1h, 9Ch, 0C2h, 0BDh, 96h, 91h, 0D6h .rodata:00000000000008A0 db 0C0h, 0C4h, 0C2h, 0CFh, 0C0h, 0D4h, 91h, 0CDh, 0D7h .rodata:00000000000008A0 db 0C6h, 0C0h, 0D5h, 0C9h, 0CAh, 96h, 0C0h, 0C6h, 0C2h .rodata:00000000000008A0 db 96h, 0CAh, 0CDh, 0DAh, 0C0h, 0D6h, 0D4h, 0CAh, 0CFh .rodata:00000000000008A0 db 9Ah, 0C0h, 0BBh, 94h, 9Eh, 0E3h, 0CDh, 0D1h, 0CFh, 0DCh .rodata:00000000000008A0 db 0CDh, 0E1h, 9Eh, 0DAh, 0E4h, 0D3h, 0CDh, 0E2h, 0D6h .rodata:00000000000008A0 db 0D7h, 0A3h, 0CDh, 0D3h, 0CFh, 0A3h, 0D7h, 0DAh, 0E7h .rodata:00000000000008A0 db 0CDh, 0E3h, 0E1h, 0D7h, 0DCh, 0A7h, 0CDh, 0C8h, 0A1h .rodata:00000000000008A0 db 8Fh, 0D4h, 0BEh, 0C2h, 0C0h, 0CDh, 0BEh, 0D2h, 8Fh .rodata:00000000000008A0 db 0CBh, 0D5h, 0C4h, 0BEh, 0D3h, 0C7h, 0C8h, 94h, 0BEh .rodata:00000000000008A0 db 0C4h, 0C0h, 94h, 0C8h, 0CBh, 0D8h, 0BEh, 0D4h, 0D2h .rodata:00000000000008A0 db 0C8h, 0CDh, 98h, 0BEh, 0B9h, 92h, 0A3h, 0E8h, 0D2h .rodata:00000000000008A0 db 0D6h, 0D4h, 0E1h, 0D2h, 0E6h, 0A3h, 0DFh, 0E9h, 0D8h .rodata:00000000000008A0 db 0D2h, 0E7h, 0DBh, 0DCh, 0A8h, 0D2h, 0D8h, 0D4h, 0A8h .rodata:00000000000008A0 db 0DCh, 0DFh, 0ECh, 0D2h, 0E8h, 0E6h, 0DCh, 0E1h, 0ACh .rodata:00000000000008A0 db 0D2h, 0CDh, 0A6h, 60h, 0A5h, 8Fh, 93h, 91h, 9Eh, 8Fh .rodata:00000000000008A0 db 0A3h, 60h, 9Ch, 0A6h, 95h, 8Fh, 0A4h, 98h, 99h, 65h .rodata:00000000000008A0 db 8Fh, 95h, 91h, 65h, 99h, 9Ch, 0A9h, 8Fh, 0A5h, 0A3h .rodata:00000000000008A0 db 99h, 9Eh, 69h, 8Fh, 8Ah, 63h, 9Ch, 0E1h, 0CBh, 0CFh .rodata:00000000000008A0 db 0CDh, 0DAh, 0CBh, 0DFh, 9Ch, 0D8h, 0E2h, 0D1h, 0CBh .rodata:00000000000008A0 db 0E0h, 0D4h, 0D5h, 0A1h, 0CBh, 0D1h, 0CDh, 0A1h, 0D5h .rodata:00000000000008A0 db 0D8h, 0E5h, 0CBh, 0E1h, 0DFh, 0D5h, 0DAh, 0A5h, 0CBh .rodata:00000000000008A0 db 0C6h, 9Fh, 0A6h, 0EBh, 0D5h, 0D9h, 0D7h, 0E4h, 0D5h .rodata:00000000000008A0 db 0E9h, 0A6h, 0E2h, 0ECh, 0DBh, 0D5h, 0EAh, 0DEh, 0DFh .rodata:00000000000008A0 db 0ABh, 0D5h, 0DBh, 0D7h, 0ABh, 0DFh, 0E2h, 0EFh, 0D5h .rodata:00000000000008A0 db 0EBh, 0E9h, 0DFh, 0E4h, 0AFh, 0D5h, 0D0h, 0A9h, 95h .rodata:00000000000008A0 db 0DAh, 0C4h, 0C8h, 0C6h, 0D3h, 0C4h, 0D8h, 95h, 0D1h .rodata:00000000000008A0 db 0DBh, 0CAh, 0C4h, 0D9h, 0CDh, 0CEh, 9Ah, 0C4h, 0CAh .rodata:00000000000008A0 db 0C6h, 9Ah, 0CEh, 0D1h, 0DEh, 0C4h, 0DAh, 0D8h, 0CEh .rodata:00000000000008A0 db 0D3h, 9Eh, 0C4h, 0BFh, 98h, 8Fh, 0D4h, 0BEh, 0C2h, 0C0h .rodata:00000000000008A0 db 0CDh, 0BEh, 0D2h, 8Fh, 0CBh, 0D5h, 0C4h, 0BEh, 0D3h .rodata:00000000000008A0 db 0C7h, 0C8h, 94h, 0BEh, 0C4h, 0C0h, 94h, 0C8h, 0CBh .rodata:00000000000008A0 db 0D8h, 0BEh, 0D4h, 0D2h, 0C8h, 0CDh, 98h, 0BEh, 0B9h .rodata:00000000000008A0 db 92h, 0A4h, 0E9h, 0D3h, 0D7h, 0D5h, 0E2h, 0D3h, 0E7h .rodata:00000000000008A0 db 0A4h, 0E0h, 0EAh, 0D9h, 0D3h, 0E8h, 0DCh, 0DDh, 0A9h .rodata:00000000000008A0 db 0D3h, 0D9h, 0D5h, 0A9h, 0DDh, 0E0h, 0EDh, 0D3h, 0E9h .rodata:00000000000008A0 db 0E7h, 0DDh, 0E2h, 0ADh, 0D3h, 0CEh, 0A7h, 98h, 0DDh .rodata:00000000000008A0 db 0C7h, 0CBh, 0C9h, 0D6h, 0C7h, 0DBh, 98h, 0D4h, 0DEh .rodata:00000000000008A0 db 0CDh, 0C7h, 0DCh, 0D0h, 0D1h, 9Dh, 0C7h, 0CDh, 0C9h .rodata:00000000000008A0 db 9Dh, 0D1h, 0D4h, 0E1h, 0C7h, 0DDh, 0DBh, 0D1h, 0D6h .rodata:00000000000008A0 db 0A1h, 0C7h, 0C2h, 9Bh, 99h, 0DEh, 0C8h, 0CCh, 0CAh .rodata:00000000000008A0 db 0D7h, 0C8h, 0DCh, 99h, 0D5h, 0DFh, 0CEh, 0C8h, 0DDh .rodata:00000000000008A0 db 0D1h, 0D2h, 9Eh, 0C8h, 0CEh, 0CAh, 9Eh, 0D2h, 0D5h .rodata:00000000000008A0 db 0E2h, 0C8h, 0DEh, 0DCh, 0D2h, 0D7h, 0A2h, 0C8h, 0C3h .rodata:00000000000008A0 db 9Ch, 65h, 0AAh, 94h, 98h, 96h, 0A3h, 94h, 0A8h, 65h .rodata:00000000000008A0 db 0A1h, 0ABh, 9Ah, 94h, 0A9h, 9Dh, 9Eh, 6Ah, 94h, 9Ah .rodata:00000000000008A0 db 96h, 6Ah, 9Eh, 0A1h, 0AEh, 94h, 0AAh, 0A8h, 9Eh, 0A3h .rodata:00000000000008A0 db 6Eh, 94h, 8Fh, 68h, 8Fh, 0D4h, 0BEh, 0C2h, 0C0h, 0CDh .rodata:00000000000008A0 db 0BEh, 0D2h, 8Fh, 0CBh, 0D5h, 0C4h, 0BEh, 0D3h, 0C7h .rodata:00000000000008A0 db 0C8h, 94h, 0BEh, 0C4h, 0C0h, 94h, 0C8h, 0CBh, 0D8h .rodata:00000000000008A0 db 0BEh, 0D4h, 0D2h, 0C8h, 0CDh, 98h, 0BEh, 0B9h, 92h .rodata:00000000000008A0 db 95h, 0DAh, 0C4h, 0C8h, 0C6h, 0D3h, 0C4h, 0D8h, 95h .rodata:00000000000008A0 db 0D1h, 0DBh, 0CAh, 0C4h, 0D9h, 0CDh, 0CEh, 9Ah, 0C4h .rodata:00000000000008A0 db 0CAh, 0C6h, 9Ah, 0CEh, 0D1h, 0DEh, 0C4h, 0DAh, 0D8h .rodata:00000000000008A0 db 0CEh, 0D3h, 9Eh, 0C4h, 0BFh, 98h, 91h, 0D6h, 0C0h, 0C4h .rodata:00000000000008A0 db 0C2h, 0CFh, 0C0h, 0D4h, 91h, 0CDh, 0D7h, 0C6h, 0C0h .rodata:00000000000008A0 db 0D5h, 0C9h, 0CAh, 96h, 0C0h, 0C6h, 0C2h, 96h, 0CAh .rodata:00000000000008A0 db 0CDh, 0DAh, 0C0h, 0D6h, 0D4h, 0CAh, 0CFh, 9Ah, 0C0h .rodata:00000000000008A0 db 0BBh, 94h, 65h, 0AAh, 94h, 98h, 96h, 0A3h, 94h, 0A8h .rodata:00000000000008A0 db 65h, 0A1h, 0ABh, 9Ah, 94h, 0A9h, 9Dh, 9Eh, 6Ah, 94h .rodata:00000000000008A0 db 9Ah, 96h, 6Ah, 9Eh, 0A1h, 0AEh, 94h, 0AAh, 0A8h, 9Eh .rodata:00000000000008A0 db 0A3h, 6Eh, 94h, 8Fh, 68h, 99h, 0DEh, 0C8h, 0CCh, 0CAh .rodata:00000000000008A0 db 0D7h, 0C8h, 0DCh, 99h, 0D5h, 0DFh, 0CEh, 0C8h, 0DDh .rodata:00000000000008A0 db 0D1h, 0D2h, 9Eh, 0C8h, 0CEh, 0CAh, 9Eh, 0D2h, 0D5h .rodata:00000000000008A0 db 0E2h, 0C8h, 0DEh, 0DCh, 0D2h, 0D7h, 0A2h, 0C8h, 0C3h .rodata:00000000000008A0 db 2 dup(9Ch), 0E1h, 0CBh, 0CFh, 0CDh, 0DAh, 0CBh, 0DFh .rodata:00000000000008A0 db 9Ch, 0D8h, 0E2h, 0D1h, 0CBh, 0E0h, 0D4h, 0D5h, 0A1h .rodata:00000000000008A0 db 0CBh, 0D1h, 0CDh, 0A1h, 0D5h, 0D8h, 0E5h, 0CBh, 0E1h .rodata:00000000000008A0 db 0DFh, 0D5h, 0DAh, 0A5h, 0CBh, 0C6h, 9Fh, 0A9h, 0EEh .rodata:00000000000008A0 db 0D8h, 0DCh, 0DAh, 0E7h, 0D8h, 0ECh, 0A9h, 0E5h, 0EFh .rodata:00000000000008A0 db 0DEh, 0D8h, 0EDh, 0E1h, 0E2h, 0AEh, 0D8h, 0DEh, 0DAh .rodata:00000000000008A0 db 0AEh, 0E2h, 0E5h, 0F2h, 0D8h, 0EEh, 0ECh, 0E2h, 0E7h .rodata:00000000000008A0 db 0B2h, 0D8h, 0D3h, 0ACh, 8Fh, 0D4h, 0BEh, 0C2h, 0C0h .rodata:00000000000008A0 db 0CDh, 0BEh, 0D2h, 8Fh, 0CBh, 0D5h, 0C4h, 0BEh, 0D3h .rodata:00000000000008A0 db 0C7h, 0C8h, 94h, 0BEh, 0C4h, 0C0h, 94h, 0C8h, 0CBh .rodata:00000000000008A0 db 0D8h, 0BEh, 0D4h, 0D2h, 0C8h, 0CDh, 98h, 0BEh, 0B9h .rodata:00000000000008A0 db 92h, 0A5h, 0EAh, 0D4h, 0D8h, 0D6h, 0E3h, 0D4h, 0E8h .rodata:00000000000008A0 db 0A5h, 0E1h, 0EBh, 0DAh, 0D4h, 0E9h, 0DDh, 0DEh, 0AAh .rodata:00000000000008A0 db 0D4h, 0DAh, 0D6h, 0AAh, 0DEh, 0E1h, 0EEh, 0D4h, 0EAh .rodata:00000000000008A0 db 0E8h, 0DEh, 0E3h, 0AEh, 0D4h, 0CFh, 0A8h, 0A3h, 0E8h .rodata:00000000000008A0 db 0D2h, 0D6h, 0D4h, 0E1h, 0D2h, 0E6h, 0A3h, 0DFh, 0E9h .rodata:00000000000008A0 db 0D8h, 0D2h, 0E7h, 0DBh, 0DCh, 0A8h, 0D2h, 0D8h, 0D4h .rodata:00000000000008A0 db 0A8h, 0DCh, 0DFh, 0ECh, 0D2h, 0E8h, 0E6h, 0DCh, 0E1h .rodata:00000000000008A0 db 0ACh, 0D2h, 0CDh, 0A6h, 99h, 0DEh, 0C8h, 0CCh, 0CAh .rodata:00000000000008A0 db 0D7h, 0C8h, 0DCh, 99h, 0D5h, 0DFh, 0CEh, 0C8h, 0DDh .rodata:00000000000008A0 db 0D1h, 0D2h, 9Eh, 0C8h, 0CEh, 0CAh, 9Eh, 0D2h, 0D5h .rodata:00000000000008A0 db 0E2h, 0C8h, 0DEh, 0DCh, 0D2h, 0D7h, 0A2h, 0C8h, 0C3h .rodata:00000000000008A0 db 9Ch, 9Eh, 0E3h, 0CDh, 0D1h, 0CFh, 0DCh, 0CDh, 0E1h .rodata:00000000000008A0 db 9Eh, 0DAh, 0E4h, 0D3h, 0CDh, 0E2h, 0D6h, 0D7h, 0A3h .rodata:00000000000008A0 db 0CDh, 0D3h, 0CFh, 0A3h, 0D7h, 0DAh, 0E7h, 0CDh, 0E3h .rodata:00000000000008A0 db 0E1h, 0D7h, 0DCh, 0A7h, 0CDh, 0C8h, 0A1h, 69h, 0AEh .rodata:00000000000008A0 db 98h, 9Ch, 9Ah, 0A7h, 98h, 0ACh, 69h, 0A5h, 0AFh, 9Eh .rodata:00000000000008A0 db 98h, 0ADh, 0A1h, 0A2h, 6Eh, 98h, 9Eh, 9Ah, 6Eh, 0A2h .rodata:00000000000008A0 db 0A5h, 0B2h, 98h, 0AEh, 0ACh, 0A2h, 0A7h, 72h, 98h, 93h .rodata:00000000000008A0 db 6Ch, 8Fh, 0D4h, 0BEh, 0C2h, 0C0h, 0CDh, 0BEh, 0D2h .rodata:00000000000008A0 db 8Fh, 0CBh, 0D5h, 0C4h, 0BEh, 0D3h, 0C7h, 0C8h, 94h .rodata:00000000000008A0 db 0BEh, 0C4h, 0C0h, 94h, 0C8h, 0CBh, 0D8h, 0BEh, 0D4h .rodata:00000000000008A0 db 0D2h, 0C8h, 0CDh, 98h, 0BEh, 0B9h, 92h, 8Ah, 0CFh, 0B9h .rodata:00000000000008A0 db 0BDh, 0BBh, 0C8h, 0B9h, 0CDh, 8Ah, 0C6h, 0D0h, 0BFh .rodata:00000000000008A0 db 0B9h, 0CEh, 0C2h, 0C3h, 8Fh, 0B9h, 0BFh, 0BBh, 8Fh .rodata:00000000000008A0 db 0C3h, 0C6h, 0D3h, 0B9h, 0CFh, 0CDh, 0C3h, 0C8h, 93h .rodata:00000000000008A0 db 0B9h, 0B4h, 8Dh |
Kemudian kita buat menjadi desimal yang menjadi
|
1 |
169,238,216,220,218,231,216,236,169,229,239,222,216,237,225,226,174,216,222,218,174,226,229,242,216,238,236,226,231,178,216,211,172,96,165,143,147,145,158,143,163,96,156,166,149,143,164,152,153,101,143,149,145,101,153,156,169,143,165,163,153,158,105,143,138,99,165,234,212,216,214,227,212,232,165,225,235,218,212,233,221,222,170,212,218,214,170,222,225,238,212,234,232,222,227,174,212,207,168,143,212,190,194,192,205,190,210,143,203,213,196,190,211,199,200,148,190,196,192,148,200,203,216,190,212,210,200,205,152,190,185,146,147,216,194,198,196,209,194,214,147,207,217,200,194,215,203,204,152,194,200,196,152,204,207,220,194,216,214,204,209,156,194,189,150,145,214,192,196,194,207,192,212,145,205,215,198,192,213,201,202,150,192,198,194,150,202,205,218,192,214,212,202,207,154,192,187,148,158,227,205,209,207,220,205,225,158,218,228,211,205,226,214,215,163,205,211,207,163,215,218,231,205,227,225,215,220,167,205,200,161,143,212,190,194,192,205,190,210,143,203,213,196,190,211,199,200,148,190,196,192,148,200,203,216,190,212,210,200,205,152,190,185,146,163,232,210,214,212,225,210,230,163,223,233,216,210,231,219,220,168,210,216,212,168,220,223,236,210,232,230,220,225,172,210,205,166,96,165,143,147,145,158,143,163,96,156,166,149,143,164,152,153,101,143,149,145,101,153,156,169,143,165,163,153,158,105,143,138,99,156,225,203,207,205,218,203,223,156,216,226,209,203,224,212,213,161,203,209,205,161,213,216,229,203,225,223,213,218,165,203,198,159,166,235,213,217,215,228,213,233,166,226,236,219,213,234,222,223,171,213,219,215,171,223,226,239,213,235,233,223,228,175,213,208,169,149,218,196,200,198,211,196,216,149,209,219,202,196,217,205,206,154,196,202,198,154,206,209,222,196,218,216,206,211,158,196,191,152,143,212,190,194,192,205,190,210,143,203,213,196,190,211,199,200,148,190,196,192,148,200,203,216,190,212,210,200,205,152,190,185,146,164,233,211,215,213,226,211,231,164,224,234,217,211,232,220,221,169,211,217,213,169,221,224,237,211,233,231,221,226,173,211,206,167,152,221,199,203,201,214,199,219,152,212,222,205,199,220,208,209,157,199,205,201,157,209,212,225,199,221,219,209,214,161,199,194,155,153,222,200,204,202,215,200,220,153,213,223,206,200,221,209,210,158,200,206,202,158,210,213,226,200,222,220,210,215,162,200,195,156,101,170,148,152,150,163,148,168,101,161,171,154,148,169,157,158,106,148,154,150,106,158,161,174,148,170,168,158,163,110,148,143,104,143,212,190,194,192,205,190,210,143,203,213,196,190,211,199,200,148,190,196,192,148,200,203,216,190,212,210,200,205,152,190,185,146,149,218,196,200,198,211,196,216,149,209,219,202,196,217,205,206,154,196,202,198,154,206,209,222,196,218,216,206,211,158,196,191,152,145,214,192,196,194,207,192,212,145,205,215,198,192,213,201,202,150,192,198,194,150,202,205,218,192,214,212,202,207,154,192,187,148,101,170,148,152,150,163,148,168,101,161,171,154,148,169,157,158,106,148,154,150,106,158,161,174,148,170,168,158,163,110,148,143,104,153,222,200,204,202,215,200,220,153,213,223,206,200,221,209,210,158,200,206,202,158,210,213,226,200,222,220,210,215,162,200,195,156,156,225,203,207,205,218,203,223,156,216,226,209,203,224,212,213,161,203,209,205,161,213,216,229,203,225,223,213,218,165,203,198,159,169,238,216,220,218,231,216,236,169,229,239,222,216,237,225,226,174,216,222,218,174,226,229,242,216,238,236,226,231,178,216,211,172,143,212,190,194,192,205,190,210,143,203,213,196,190,211,199,200,148,190,196,192,148,200,203,216,190,212,210,200,205,152,190,185,146,165,234,212,216,214,227,212,232,165,225,235,218,212,233,221,222,170,212,218,214,170,222,225,238,212,234,232,222,227,174,212,207,168,163,232,210,214,212,225,210,230,163,223,233,216,210,231,219,220,168,210,216,212,168,220,223,236,210,232,230,220,225,172,210,205,166,153,222,200,204,202,215,200,220,153,213,223,206,200,221,209,210,158,200,206,202,158,210,213,226,200,222,220,210,215,162,200,195,156,158,227,205,209,207,220,205,225,158,218,228,211,205,226,214,215,163,205,211,207,163,215,218,231,205,227,225,215,220,167,205,200,161,105,174,152,156,154,167,152,172,105,165,175,158,152,173,161,162,110,152,158,154,110,162,165,178,152,174,172,162,167,114,152,147,108,143,212,190,194,192,205,190,210,143,203,213,196,190,211,199,200,148,190,196,192,148,200,203,216,190,212,210,200,205,152,190,185,146,138,207,185,189,187,200,185,205,138,198,208,191,185,206,194,195,143,185,191,187,143,195,198,211,185,207,205,195,200,147,185,180,141 |
Dari main diatas dan isi dari byte_8A0, kita buat solvernya dengan menggunakan […]
[GoogleCTF 2018 BeginnersQuest] – gatekeeper
Karena ini levelnya beginner, Mari kita mempelajari static analysis-nya sebagai langkah awal yang baik dalam Reverse Engineering Soal ini dapat kalian download disini pertama tama, kita coba jalankan program tersebut terlebih dahulu
|
1 2 3 4 5 6 |
root@kali:~/Documents# ./gatekeeper /===========================================================================\ | Gatekeeper - Access your PC from everywhere! | +===========================================================================+ [ERROR] Login information missing Usage: ./gatekeeper <username> <password> |
dari error message yang didapatkan, ternyata program tersebut membutuhkan informasi lebih. Seperti yang di perlihatkan dalam pesan ” Usage: “, kita membutuhkan […]
[HackToday 2019 Qualification] – nani the fuk
Diberikan sebuah soal berbentuk binary, binary dapat di download di: https://s.id/6aIo7 Jika binary dieksekusi maka binary akan meminta input, setelah mencoba inputan, ternyata program hanya menerima input 1 karakter, seperti berikut Ketika input yang dimasukan salah maka program akan exit. Program tersebut terlihat seperti akan meminta input 1 karakter sebanyak 20 kali seperti yang […]
[PicoCTF2018] – Quackme (XOR Operation)
Pertama, Check file yang telah kita download untuk melihat info detail file tersebut. Setelah itu baru kita coba menjalankan program tersebut. Bisa dilihat diatas bahwa pada saat program di jalankan, muncul sebuah pesan “Can you figure out my trick?” dan adanya perintah untuk menginput strings. ketika saya mengisinya dengan, misalkan yes maka jawaban dari […]
[ångstromCTF 2019] – One Bite
Challenge Description : Whenever I have friends over, I love to brag about things that I can eat in a single bite. Can you give this program a tasty flag that fits the bill? Diberikan sebuah file executable bernama one_bite ketika di-execute, file tersebut akan meminta input sebagai berikut : ketika di-input secara asal seperti “dis is a […]
[PicoCTF 2018] – Radix Terminal
Pertama kita check type filenya. Setelah itu lalu kita coba jalankan programnya. Ternyata programnya cuman menampilkan text “Please provide a password”. Dan untuk mengetahui programnya lebih detail maka saya akan membuka programnya lewat IDA. Setelah masuk IDA , saya check seluruh function yang ada ( berhubungan dengan password (memiliki strcmp dan strlen) ). […]