Dec 1st, 2015
This is the "fixed" version of `flagfinder`, with a little twist.

A quick look at the binary in IDA shows some XORing against the string, followed by a `memcmp`.
Setting a breakpoint at `0x400729` and reading the arguments passed to `memcmp` reveals the flag.

```
ctf@ubuntu:~/working$ gdb -q ./flagFinderRedux-e72e7ac9b16b8f40acd337069f94d524
Reading symbols from ./flagFinderRedux-e72e7ac9b16b8f40acd337069f94d524...(no debugging symbols found)...done.
(gdb) b *0x400729
Breakpoint 1 at 0x400729
(gdb) r blah
Starting program: /home/ctf/working/flagFinderRedux-e72e7ac9b16b8f40acd337069f94d524 blah

Breakpoint 1, 0x0000000000400729 in ?? ()
(gdb) x/s $rax
0x7fffffffe4c0: "9447{C0ngr47ulaT1ons_p4l_buddy_y0Uv3_solved_the_re4l__H4LT1N6_prObL3M}"
```
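
Why the breakpoint works, as an added example that is not code from the challenge binary: a check that XOR-decodes its secret and then calls `memcmp` holds the plaintext in memory whatever the input is, while a check against a stored digest never does. The key, the encoded bytes, the secret `flag{demo}`, the function names and the use of FNV-1a as a stand-in for a real hash are all assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY 0x42u /* constructed key, not taken from the binary */
/* Constructed sample data: "flag{demo}" XOR 0x42. */
static const unsigned char ENC[] = {0x24, 0x2e, 0x23, 0x25, 0x39,
                                    0x26, 0x27, 0x2f, 0x2d, 0x3f};
#define N (sizeof ENC)

/* Pattern described in the write-up: decode, then memcmp against the input.
 * `seen` stands in for the debugger and receives what memcmp is handed. */
int check_weak(const char *in, char seen[N + 1]) {
    unsigned char dec[N];
    for (size_t i = 0; i < N; i++)
        dec[i] = ENC[i] ^ KEY;
    memcpy(seen, dec, N); /* the plaintext exists here for any input */
    seen[N] = '\0';
    return strlen(in) == N && memcmp(in, dec, N) == 0;
}

/* Stand-in one-way function (FNV-1a, 64-bit). Assumption: real code would
 * use SHA-256 or a password KDF; FNV-1a is not cryptographic. */
uint64_t digest(const char *s) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (; *s; s++) {
        h ^= (unsigned char)*s;
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Digest-side check: only `expected` ships with the program, so the
 * comparison never has the secret itself as an argument. */
int check_digest(const char *in, uint64_t expected) {
    return digest(in) == expected;
}

int main(void) {
    char seen[N + 1];
    int ok = check_weak("blah", seen);
    printf("weak check(blah)=%d, compare buffer held: %s\n", ok, seen);
    uint64_t expected = digest("flag{demo}"); /* computed offline in a real build */
    printf("digest check(blah)=%d, stored value: %016llx\n",
           check_digest("blah", expected), (unsigned long long)expected);
    return 0;
}
```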