Reverse Engineering
{"authors": ["ret2basic"]}
not crypto
Solved by ret2basic
Challenge
there's crypto in here but the challenge is not crypto... 🤔
Solution
The program calls memcmp()
for comparing our input with the flag:
The address of memcmp()
is 0x13b9
:
Since PIE is enabled, this address is only an offset. Now we find the base address of the binary:
Set a breakpoint at 0x555555554000 + 0x13b9 = 0x5555555553b9
and read the flag:
breadth
Solved by ret2basic
Challenge
Surely this is what people mean when they say "horizontal scaling," right?
TOP SECRET INFO:
Our operatives managed to exfiltrate an in-development version of this challenge, where the function with the real flag had a mistake in it. Can you help us get the flag?
Solution
Compare these two binaries and examine which bytes are different:
Here 610380
refers to the function located at address 0x9504C
. Examine this function in IDA:
Get flag:
Last updated