Hi mates,

During my spare time i have tried some tasks from DSC17 CTF by S21sec. I will comment here on those in which I found more difficult or fun. FBCTF was present as platform so from here tasks names will be countries associated.

Mauritania – 400 points 

First Run 

Before run we try to inspect binary strings (strings ftw! – n00b says). We clearly see a weird string that could match our password. But, this is not so (so) easy!.

IDA Dissasembler 

Seems IDA could help on this simple task. All you have to do is open binary and get pseudo code from main function

So it’s simple XOR with 0x16 key on “paswd” variable. Remember this weird string (A1-C3bK4_2h5f8vE)?  Yes, its xoring and result is our flag. For the task we can reproduce this for loop part and get output.

#include <stdio.h>

int main()
    char* paswd = "A1-C3bK4_2h5f8vE"; 
    int j; 
    printf("Tu flag es:"); 
  for ( j = 0; j < strlen(paswd); ++j )
    putchar((char)(paswd[j] ^ 0x16));
  return 0;

Finally easy flag ;)


No hay contenido relacionado

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.