• Plaidctf 2014 Reverse 250 "hudak" write-up

    Task description:

    Can you reverse this program?

    Peeking into file:

    $ file hudak
    hudak: ELF 32-bit LSB executable
    $ strings hudak
    hCA[
    DCCC@EGhh
    read_until
    Enter the password.
    Wrong!
    Congratulations!
    ;*2$"
    $ ./hudak
    Enter the password.
    can_i_haz_flag
    Wrong!

    So no easy flag today ;) Ok, no problem, fire up IDA + linux_server and let’s roll. sub_80484C0 is our main function:

    ida

    Read on →

  • Ructf quals 2014 Reverse 500 "Arcfour" write-up

    Task description:

    Crack me please.
    Flag format is "RUCTF_.*"

    Ok so we’re presented with a arcfour.exe binary.

    root@kali:~/vmshare/ctf/reverse/original# file arcfour.exe
    arcfour.exe: PE32 executable (console) Intel 80386, for MS Windows, UPX сompressed

    Well, simple enough! Just unpack it with upx -d and load into IDA :

    int __cdecl main(int argc, const char **argv, const char **envp)
    {
            int result;
            if ( argc == 2 )
            {
                    if ( lstrlenA(argv[1]) == 32 )
                    {
                            dword_40337C = (int)argv[1];
                            if ( (unsigned __int8)(lstrcmpA(lpString1, argv[1]) & 1 ^ 1) == 1 )
                                    result = puts("good job, put flag into system");
                            else
                                    result = puts("nope...");
                    }
                    else
                    {
                            result = 0;
                    }
            }
            else
            {
                    result = 0;
            }
            return result;
    }

    Read on →