[Reverse] DSYM - Stuck on challenge

Howdy,

I'm pretty much new over here and I was trying the DSYM reverse challenge but I'm stuck and wanted to see if anyone have a hint for me :)

So, right now I'm able to get the "price" string just like the following:


You almost got me :D

Here is small price for you: **************

After this, not sure what exactly I can do with that string :(

Hope someone can give me a lead.
Thanks

Tagged:

Comments

  • edited August 7

    Hi,

    Hint: It's easy to do statically only

    now I'm able to get the "price" string just like the following

    You just need to see where it is used and what happens before/after

    You can PM me if you stuck on this

  • I managed to solve it just now by analyzing getme with radare. Being a beginner (in reversing and debugging with low-level tools in general), i'd be interested to know what the dunnoWhatIAm file is good for. The file-command tells me it is a shared object with debug-information, which as i could observe gets loaded by gdb when opening getme, but as someone not firm in gdb, i couldn't find a way to use it to my advantage.

    If someone is willing to inform me but the information would spoil the challenge, i'd be happy if you could PM me the info. I don't expect a full guide, just a (few) keyword(s) to start my research on.

    Gordin
    Press F to give respect

  • edited August 8

    I solved it mostly by using gdb and radare, it showed me right away what was actually missing to the getme to print what I needed.

    Type your comment> @luismax said:

    Howdy,

    I'm pretty much new over here and I was trying the DSYM reverse challenge but I'm stuck and wanted to see if anyone have a hint for me :)

    So, right now I'm able to get the "price" string just like the following:


    You almost got me :D

    Here is small price for you: **************

    After this, not sure what exactly I can do with that string :(

    Hope someone can give me a lead.
    Thanks

    After you get the string you should think how computers see strings and evolve layer by layer. ;).

  • Being a beginner (in reversing and debugging with low-level tools in general), i'd be interested to know what the dunnoWhatIAm file is good for. The file-command tells me it is a shared object with debug-information, which as i could observe gets loaded by gdb when opening getme, but as someone not firm in gdb, i couldn't find a way to use it to my advantage.

    Actually, dunnoWhatIAm contains the debugging information of getme:

    We can see that the name of this debug file is present in the .gnu_debuglink section of getme (I used radare2):

    [0x00001060]> izz~dunnoWhatIAm
    021 0x00003054 0x00000000  12  13 (.gnu_debuglink) ascii dunnoWhatIAm
    
  • I believe I have the correct price string, and now I need to convert it from a certain format to another, but no luck. Does anyone mind if I PM my string to see if it's the right one?

  • Never mind just had to stare at it for a bit

  • I can't even get it to print anything out. Can anyone help me figure out where to put the breakpoints? thx

  • edited August 17

    @LVx0 said:

    I can't even get it to print anything out. Can anyone help me figure out where to put the breakpoints? thx

    Sent you a PM since i find it hard to formulate something which hasn't yet been mentioned in this thread without spoiling the first part of the workflow.

    EDIT: The public thing i guess i can mention is that that challenge can not be solved without any static analysis.

    Gordin
    Press F to give respect

  • Hello everybody! I am new here and I am really stuck . I think I extracted the correct string but I cannot convert it into the flag ( I am not sure which manipulation I have to use)
    Thanks for the help!

  • Never mind, I solved it :smile:

  • I had the first string, but I'm not able to see where it is used before or after. That is an hex string but it isn't the flag any hint, how to proceede?

  • Type your comment> @Finbonkle said:

    Never mind just had to stare at it for a bit

    Hm, imagined myself being computer but I saw only U... %) May be I am different, very old, model computer %))) If seriously stuck on point where got something looks like flag but not real flag ("price" got first directly running modified code, manually checked - result the same, decoding price gives U )... Tried play with numbers - not succeeded - I will be very appreciated if somebody push me in correct direction %)

  • I believe I've reversed this properly, however can't seem to get the format correct for the flag, can anyone who's managed this pm me and I'll send across what I've got and hopefully you can nudge me in a direction?

  • Ignore that, I was blind - Got it now

  • Hi all

    I m stuck with this challenge i have found the price and the conversion from hex to ascii is made but i cant validate the challenge any hint or help about this string: UG****************

  • Type your comment> @mbouaouda said:

    Hi all

    I m stuck with this challenge i have found the price and the conversion from hex to ascii is made but i cant validate the challenge any hint or help about this string: UG****************

    I am at the same stage as you. I think we are missing some quite obvious..

  • You can not retrieve the flag from the binary as cleartext, you'll have to decrypt it in the end (the binary does not hold any information on the encryption method in question). This last part is actually a very common exercise in beginner CTFs.

    Gordin
    Press F to give respect

  • Hi

    Thank you yes right.
    done

  • I can't even start (i don't even know what hex code op got, I see the line about price but dont know what to do after that), I tryed (cat, objdump, radare2) I guess I need to learn. But I don't know what... Assembly? Debuggin?

  • Hi Everyone, completly new to Reverse Enginnering but eagar to learn. I've had a look at the file using radar2 and as expected most of the content makes no sense. Like most others, i've found the string in qurstion, however, i am struggling to see the value. A PM would be much appriciated to point me in the right direction.

  • Hello all,

    Well, I was upset about the solution itself since I've got it.
    Could you show me the light on the questions below:
    1. Why "some" function does not used in the binary? I mean, it is not called at all. How to get that logically, that we are interested in that exact func?
    2. What is the sense of using "that" string transformation, as far as that was not mention anywhere in the binary itself ?

    Also, that questions might be as a hints ;)

Sign In to comment.