[Reversing] Exatlon

can I ask someone to give me a helping hand with this. more like i want to understand it.
I have loaded it into ghidra and can see some data but don’t know how to manipulate it

i got a long number string. i am stuck here. can anyone tell me if im in the right direction ?

okay. i was able to solve this.
this was pretty interesting one.
pm for a nudge.

Ok actually was really easy!!
Guys be careful this binary is compressed take a look to strings and google!
The “hard” part is decoding the password!

I solve it :slight_smile:
pm for a nudge

can I ask someone to hold my hand through this one. using IDA, I have found a possible long string but thats about it. Reversing is something new to me so getting confused very easily

Type your comment> @m0tic said:

Type your comment> @rshackleford85 said:

yeah i found what i believe is a possible password but it’s a long string and the program won’t accept it as a password. i’ve also checked for bitwise operations to see if it and’s or xor’s the string but i just confused myself even more. any nudges would be appreciated. thx

You are in the right direction. I would suggest to enter any character as the user input (for instance a ‘Z’) and see how the program transforms such value and compares it with the string that you have found. Try the same with a ‘Y’, and so on until you find the pattern.

This was the nudge I needed. Thanks

is it had to do with ul***g ?

I was able to solve it by reversing to narrow down to the actual functions, then used Python with GDB scripts. (May the brute force be with you)

Just out of curiosity, is it U**** compressed? I feel it’s not, but cannot confirm.

This box is insane.

Type your comment> @k4wld said:

This box is insane.

I agree

really cool challenge
eline sağlık OctopusTR :slight_smile:

Could use a nudge as well. Spent hours in ghidra finding tons of strings, none that make much sense. Found nothing in the functions either.

This box was nice :smile:

pm for a nudge

If I were to try this in GDB, how would I get around the fact that no file table is loaded.

Kinda a noob here, just started learning reversing.

Edit: Just figured it out using Ghidra to grab the addresses

Type your comment> @m0tic said:

Type your comment> @rshackleford85 said:

yeah i found what i believe is a possible password but it’s a long string and the program won’t accept it as a password. i’ve also checked for bitwise operations to see if it and’s or xor’s the string but i just confused myself even more. any nudges would be appreciated. thx

You are in the right direction. I would suggest to enter any character as the user input (for instance a ‘Z’) and see how the program transforms such value and compares it with the string that you have found. Try the same with a ‘Y’, and so on until you find the pattern.

@Sparre this hint is just golden imo. hope it helps

Coming from C where the function calls are really nice and clean to whatever this is:

<std::basic_ostream<char, std::char_traits<char> >& std::operator<< <std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> 
>&, char const*)>

is a little rough. Could someone explain to me how to read the C++ function calls?

Edit: I determined it wasn’t necessary. Had a lot of fun with this box, DM if you need a hint

C++ literally has inbuilt obfuscation, such a pain to use gdb

Key here is not to over think it :smiley:

Hello,
can somebody help me solving this challenge? I have a long term of numbers with three or four symbols, but no combinations seems to work as password. I have read this term must be decrypted, can someone give me a hint?