Reverse Engineering

{"authors": ["ret2basic"]}

not crypto

Solved by ret2basic

Challenge

there's crypto in here but the challenge is not crypto... 🤔

not-crypto

Solution

The program calls memcmp() for comparing our input with the flag:

memcmp()

The address of memcmp() is 0x13b9:

Address of memcmp()

Since PIE is enabled, this address is only an offset. Now we find the base address of the binary:

PIE base address

Set a breakpoint at 0x555555554000 + 0x13b9 = 0x5555555553b9 and read the flag:

Get flag

breadth

Solved by ret2basic

Challenge

Surely this is what people mean when they say "horizontal scaling," right?

TOP SECRET INFO:

Our operatives managed to exfiltrate an in-development version of this challenge, where the function with the real flag had a mistake in it. Can you help us get the flag?

breadth.v1 breadth.v2

Solution

Compare these two binaries and examine which bytes are different:

cmp -bl breadth.v1 breadth.v2

cmp

Here 610380 refers to the function located at address 0x9504C. Examine this function in IDA:

Function

Get flag:

Get flag