Bombs Landed

A very useful tool about ELF: http://www.elfparser.com/

1 Like

@thek - Thanks for sharing. Elfparser seems like a good tool for initial static analysis, especially for RE novices, like myself.

I’m confused :). I get to the point where the program is comparing my second input with a static value, but doesnt seem the answer.

Anyway, there’s something I’m missing here. Any help or indication greatly appreciatted.

@julianjm said:
I’m confused :). I get to the point where the program is comparing my second input with a static value, but doesnt seem the answer.

Anyway, there’s something I’m missing here. Any help or indication greatly appreciatted.

Same here.

Anyone willing to share any advice?

Anyone a clue why my breakpoint in gdb is not hit, I think I disabled a few things.

@julianjm said:
I’m confused :). I get to the point where the program is comparing my second input with a static value, but doesnt seem the answer.

Anyway, there’s something I’m missing here. Any help or indication greatly appreciatted.

Likewise.

a week ago I finally solved this challenge. In the end, not that difficult. There’s something “hidden” within you should trigger. As someone has said, either you can manipulate your input to trigger that thing or, if you are like me, go for the lazy approach and patch something in the code.

@phingage said:
Hi,

I’m little stuck,

found anti debug trick so not the X password but the longer should be right t33l0 after that there is a strncmp that should be give the right password, but i can’t figure out waths going on, found something interesting (do|oxme) but cant really understand whats the point, any advice?

yes me too i am struggling at that point and no idea with that

I’m at the point where it compares the input to the string on the stack and I can change the strcmp return value so that it prints theyou win. message. However, one of the characters it’s comparing to is not printable. I feel like there’s just one little thing I’m missing to complete the challenge.

Update: figured it out! For those who are stuck on the last part, I’ll give this (hopefully small) hint: the arguments to strncmp and the surrounding code are themselves a hint.

Would anyone who’s completed this be willing to give me some pointers?

My Linux RE experience is a little lackluster, and some of the (what I assume to be) anti-debug features are hindering me when trying to disassemble/decompile the binary. I’ve been trying to research it on my own, but as I don’t really know what it is that I’m looking for, that’s been difficult.

@opt1kz Just PM’d you. (Sorry, didn’t get an email notification for your previous message.)

anyone here willing to share some knowledge? i can see that function that is pointing into the E** TLE for some reason but i cant figure out what its achieving;; plus i can debug this perfectly fine in gdb? i dont seem to have anti D*G problems like people are suggesting here

I’m still stuck at input ‘X’ for week. I’m not sure what to do next. Can some one help me ?

I found radare2 is very helpful in understanding quick overview of binary and solving this without patching anything.

What is the anti debugging trick that causes gdb to only run the program once, then emit:

“No executable file specified.
Use the “file” or “exec-file” command.” ?

I tried hooking p**** in various ways using LD_***, didn’t do any good.

I too have more success with radare2, but I’d like to be able to run it in gdb.

After reading here, it doesn’t seem like everything has troubles with the anti debugging, so I’m not sure if this is intended to be part of the challenge or not, and either way a hint on that would be nice, unless that indeed is the whole challenge.

When I run the binary it just says:

“bash: ./BombsLanded: No such file or directory”

Could someone please confirm if this is an anti-debugging mechanism?

Just Solved the Challenge… I don’t think ElfParser precisely is needed for this… Yes, a little modification is required but only to the reg values… Also, I didnt encounter any anti-debugging… and i used IDA with remote debugging…

Can anyone tell me why when i run in gdb i get “cannot execute” “permission denied”?

Can anyone tell me why when i run in gdb i get “cannot execute” “permission denied”?