Bombs Landed

When I run the binary it just says:

“bash: ./BombsLanded: No such file or directory”

Could someone please confirm if this is an anti-debugging mechanism?

Just Solved the Challenge… I don’t think ElfParser precisely is needed for this… Yes, a little modification is required but only to the reg values… Also, I didnt encounter any anti-debugging… and i used IDA with remote debugging…

Can anyone tell me why when i run in gdb i get “cannot execute” “permission denied”?

Can anyone tell me why when i run in gdb i get “cannot execute” “permission denied”?

Anyone willing to share some tips? I reached the part where it’s reading my second input but nothing is being printed. Not sure what to do next

@Abbas97 said:

Anyone willing to share some tips? I reached the part where it’s reading my second input but nothing is being printed. Not sure what to do next

Your task is the find the correct input. If you enter the correct input, the program will let you know.

The input in question will then also be the challenge-flag.

If you can’t run it, you most likely need to enable i386 in multiarch and install libc6:i386 and libstdc++6:i386.

And for those who have problems, if you only look at what is visible you’re never going to find it.

Someone can confirm that the flag have a non printable char? I think I found the flag, the program says that I win but the flag is not accepted as valid.

Type your comment> @MarioOlofo said:

Someone can confirm that the flag have a non printable char? I think I found the flag, the program says that I win but the flag is not accepted as valid.

It doesn’t have any non-printable characters.

Using radare2 I am able to find strncmp function and main and see their program flow, however I am not understanding how the program jumps to ptrace? Any help will be appreciated

Type your comment> @phingage said:

Hi,

I’m little stuck,

found anti debug trick so not the X password but the longer should be right t33l0 after that there is a strncmp that should be give the right password, but i can’t figure out waths going on, found something interesting (do|oxme) but cant really understand whats the point, any advice?

I have the same problem, can someone help me pls?

never mind, already got it

everytime I start the password with X the program crashes (Segmentation fault (core dumped), any hints?

Most of these “hints” on the forum are all dead ends and rabbit holes.
I used ghidra for a quick decompile of the main function and IDA for debugging. The code changes on runtime. Look at code “around” where the input password prompt is. Hopefully that helps :slight_smile:

PM if you need a nudge

@raiden99 said:

What is the anti debugging trick that causes gdb to only run the program once, then emit:

“No executable file specified.
Use the “file” or “exec-file” command.” ?

I tried hooking p**** in various ways using LD_***, didn’t do any good.

I too have more success with radare2, but I’d like to be able to run it in gdb.

After reading here, it doesn’t seem like everything has troubles with the anti debugging, so I’m not sure if this is intended to be part of the challenge or not, and either way a hint on that would be nice, unless that indeed is the whole challenge.

I solved it but I am curious why does this happen. Can anyone shed light on this matter?

@21stofjuly , I worked on this like 5 months ago and can’t remember the exact details, however while executing the file it will make a JMP call to address (I think 0xF) which causes the segmentation fault. I could be the reason. If someone has other thoughts please let us know.

I am stuck in this challenge with no ideas - any chance someone can post a walkthrough for this challenge ?

Type your comment> @sploitable said:

When I run the binary it just says:

“bash: ./BombsLanded: No such file or directory”

Could someone please confirm if this is an anti-debugging mechanism?

try chmod +x Bombslanded

Type your comment> @thbharam said:

Using radare2 I am able to find strncmp function and main and see their program flow, however I am not understanding how the program jumps to ptrace? Any help will be appreciated

If you look at the program header table in the elf file you will see a DYNAMIC program header. Issuing readelf --dynamic will show you the address of the .init_array section. This section contains constructor functions that will be called before main. One of those functions calls ptrace.

someone can give hint?