Howdy,
I’m pretty much new over here and I was trying the DSYM reverse challenge but I’m stuck and wanted to see if anyone have a hint for me 
So, right now I’m able to get the “price” string just like the following:
After this, not sure what exactly I can do with that string 
Hope someone can give me a lead.
Thanks
Hi,
Hint: It’s easy to do statically only
now I’m able to get the “price” string just like the following
You just need to see where it is used and what happens before/after
You can PM me if you stuck on this
I managed to solve it just now by analyzing getme with radare. Being a beginner (in reversing and debugging with low-level tools in general), i’d be interested to know what the dunnoWhatIAm file is good for. The file-command tells me it is a shared object with debug-information, which as i could observe gets loaded by gdb when opening getme, but as someone not firm in gdb, i couldn’t find a way to use it to my advantage.
If someone is willing to inform me but the information would spoil the challenge, i’d be happy if you could PM me the info. I don’t expect a full guide, just a (few) keyword(s) to start my research on.
I solved it mostly by using gdb and radare, it showed me right away what was actually missing to the getme to print what I needed.
Type your comment> @luismax said:
Howdy,
I’m pretty much new over here and I was trying the DSYM reverse challenge but I’m stuck and wanted to see if anyone have a hint for me
So, right now I’m able to get the “price” string just like the following:
You almost got me
Here is small price for you: **************After this, not sure what exactly I can do with that string
Hope someone can give me a lead.
Thanks
After you get the string you should think how computers see strings and evolve layer by layer. ;).
Being a beginner (in reversing and debugging with low-level tools in general), i’d be interested to know what the dunnoWhatIAm file is good for. The file-command tells me it is a shared object with debug-information, which as i could observe gets loaded by gdb when opening getme, but as someone not firm in gdb, i couldn’t find a way to use it to my advantage.
Actually, dunnoWhatIAm contains the debugging information of getme:
We can see that the name of this debug file is present in the .gnu_debuglink section of getme (I used radare2):
[0x00001060]> izz~dunnoWhatIAm
021 0x00003054 0x00000000 12 13 (.gnu_debuglink) ascii dunnoWhatIAm
I believe I have the correct price string, and now I need to convert it from a certain format to another, but no luck. Does anyone mind if I PM my string to see if it’s the right one?
Never mind just had to stare at it for a bit
I can’t even get it to print anything out. Can anyone help me figure out where to put the breakpoints? thx
@LVx0 said:
I can’t even get it to print anything out. Can anyone help me figure out where to put the breakpoints? thx
Sent you a PM since i find it hard to formulate something which hasn’t yet been mentioned in this thread without spoiling the first part of the workflow.
EDIT: The public thing i guess i can mention is that that challenge can not be solved without any static analysis.
Hello everybody! I am new here and I am really stuck . I think I extracted the correct string but I cannot convert it into the flag ( I am not sure which manipulation I have to use)
Thanks for the help!
Never mind, I solved it 
I had the first string, but I’m not able to see where it is used before or after. That is an hex string but it isn’t the flag any hint, how to proceede?
Type your comment> @Finbonkle said:
Never mind just had to stare at it for a bit
Hm, imagined myself being computer but I saw only U**… %) May be I am different, very old, model computer %))) If seriously stuck on point where got something looks like flag but not real flag (“price” got first directly running modified code, manually checked - result the same, decoding price gives U** )… Tried play with numbers - not succeeded - I will be very appreciated if somebody push me in correct direction %)
I believe I’ve reversed this properly, however can’t seem to get the format correct for the flag, can anyone who’s managed this pm me and I’ll send across what I’ve got and hopefully you can nudge me in a direction?
Ignore that, I was blind - Got it now
Hi all
I m stuck with this challenge i have found the price and the conversion from hex to ascii is made but i cant validate the challenge any hint or help about this string: UG****************
Type your comment> @mbouaouda said:
Hi all
I m stuck with this challenge i have found the price and the conversion from hex to ascii is made but i cant validate the challenge any hint or help about this string: UG****************
I am at the same stage as you. I think we are missing some quite obvious…
You can not retrieve the flag from the binary as cleartext, you’ll have to decrypt it in the end (the binary does not hold any information on the encryption method in question). This last part is actually a very common exercise in beginner CTFs.
Hi
Thank you yes right.
done
I can’t even start (i don’t even know what hex code op got, I see the line about price but dont know what to do after that), I tryed (cat, objdump, radare2) I guess I need to learn. But I don’t know what… Assembly? Debuggin?