Bombs Landed

I don't see any post for Bombs Landed yet. Been struggling with it for a couple of days. Without putting too much in here, I see the required arguments, but it can't figure out if they do anything or find any references to them. I've also figured out the X to proceed but after that I'm just tossed to 0C and can't figure out a way to alter it with input. I found main as well.

Is this challenge possible without having to alter binary? Do the inputs even matter?

Excidium

Tagged:

Comments

  • edited June 2018

    @excidium
    I manage to solve the challenge without altering the binary and I used the input to verify my finding.

  • @d4rk3r Awesome, thanks. That helps knowing I don't have to mess with the code to make it work.

    Excidium

  • It's also possible to finish it by changing something while debugging, but a minor modification will make your life easier. To discover where, you should read up on the ELF structure a little

  • Hi,

    I'm little stuck,

    found anti debug trick so not the X password but the longer should be right t33l0 after that there is a strncmp that should be give the right password, but i can't figure out waths going on, found something interesting (do|oxme) but cant really understand whats the point, any advice?

  • A very useful tool about ELF: http://www.elfparser.com/

  • @thek - Thanks for sharing. Elfparser seems like a good tool for initial static analysis, especially for RE novices, like myself.

    delosucks

  • edited July 2018

    I'm confused :). I get to the point where the program is comparing my second input with a static value, but doesnt seem the answer.

    Anyway, there's something I'm missing here. Any help or indication greatly appreciatted.

    julianjm

  • @julianjm said:
    I'm confused :). I get to the point where the program is comparing my second input with a static value, but doesnt seem the answer.

    Anyway, there's something I'm missing here. Any help or indication greatly appreciatted.

    Same here.

    Anyone willing to share any advice?

  • Anyone a clue why my breakpoint in gdb is not hit, I think I disabled a few things.

    HKLM

  • @julianjm said:
    I'm confused :). I get to the point where the program is comparing my second input with a static value, but doesnt seem the answer.

    Anyway, there's something I'm missing here. Any help or indication greatly appreciatted.

    Likewise.

    Arrexel

  • a week ago I finally solved this challenge. In the end, not that difficult. There's something "hidden" within you should trigger. As someone has said, either you can manipulate your input to trigger that thing or, if you are like me, go for the lazy approach and patch something in the code.

    Sociaslkas

  • @phingage said:
    Hi,

    I'm little stuck,

    found anti debug trick so not the X password but the longer should be right t33l0 after that there is a strncmp that should be give the right password, but i can't figure out waths going on, found something interesting (do|oxme) but cant really understand whats the point, any advice?

    yes me too i am struggling at that point and no idea with that

  • I'm at the point where it compares the input to the string on the stack and I can change the strcmp return value so that it prints theyou win. message. However, one of the characters it's comparing to is not printable. I feel like there's just one little thing I'm missing to complete the challenge.

  • Update: figured it out! For those who are stuck on the last part, I'll give this (hopefully small) hint: the arguments to strncmp and the surrounding code are themselves a hint.

  • edited November 2018

    Would anyone who's completed this be willing to give me some pointers?

    My Linux RE experience is a little lackluster, and some of the (what I assume to be) anti-debug features are hindering me when trying to disassemble/decompile the binary. I've been trying to research it on my own, but as I don't really know what it is that I'm looking for, that's been difficult.

    opt1kz

  • @opt1kz Just PM'd you. (Sorry, didn't get an email notification for your previous message.)

  • anyone here willing to share some knowledge? i can see that function that is pointing into the E** T***LE for some reason but i cant figure out what its achieving;; plus i can debug this perfectly fine in gdb? i dont seem to have anti D****G problems like people are suggesting here

  • I'm still stuck at input 'X' for week. I'm not sure what to do next. Can some one help me ?

  • I found radare2 is very helpful in understanding quick overview of binary and solving this without patching anything.

    MrR3boot

  • What is the anti debugging trick that causes gdb to only run the program once, then emit:

    "No executable file specified.
    Use the "file" or "exec-file" command." ?

    I tried hooking p**** in various ways using LD_***, didn't do any good.

    I too have more success with radare2, but I'd like to be able to run it in gdb.

    After reading here, it doesn't seem like everything has troubles with the anti debugging, so I'm not sure if this is intended to be part of the challenge or not, and either way a hint on that would be nice, unless that indeed is the whole challenge.

  • When I run the binary it just says:

    "bash: ./BombsLanded: No such file or directory"

    Could someone please confirm if this is an anti-debugging mechanism?

  • Just Solved the Challenge... I don't think ElfParser precisely is needed for this... Yes, a little modification is required but only to the reg values... Also, I didnt encounter any anti-debugging.. and i used IDA with remote debugging..

  • Can anyone tell me why when i run in gdb i get "cannot execute" "permission denied"?

  • Can anyone tell me why when i run in gdb i get "cannot execute" "permission denied"?

  • Anyone willing to share some tips? I reached the part where it's reading my second input but nothing is being printed. Not sure what to do next

  • edited September 4

    @Abbas97 said:

    Anyone willing to share some tips? I reached the part where it's reading my second input but nothing is being printed. Not sure what to do next

    Your task is the find the correct input. If you enter the correct input, the program will let you know.

    The input in question will then also be the challenge-flag.

    Gordin
    Press F to give respect

Sign In to comment.