Find The Secret Flag

I finally got it!!! I didn’t do it with a Python script though I did edit the asm code to get it done. Could have done the same thing with a script though. I think what tripped me up for so long was that I was trying to create a solution via inputs and at least for my solution I couldn’t find a way. Maybe it’s possible.

This challenge is destroying me… it’s been like 3 days of fail… lol

Anyone willing to PM me on this?? I’m completely lost at this point… found all the pseudo “keys”, IDK what else to do at this point.

Managed to get the flag and the creator but the system doesn’t accept it. Maybe there is something missing or wrong on my inputs.

@zauxzaux said:
Anyone willing to PM me on this?? I’m completely lost at this point… found all the pseudo “keys”, IDK what else to do at this point.

you should be careful, take a hexadecimal value and xor in hex edit (WinHex)

Maybe this might help somebody out, but this challenge can be done neither by changing the assembly nor by using python. It’s all in there.

Spoiler Removed - Arrexel

It is only needs a small patch and a bash script :wink:

I’d argue that there’s no need for patching the binary. Just look at the right spot and maybe write a simple script :slight_smile:

Spoiler Removed - egre55

Spoiler Removed - egre55

I got a key and the message “Are you sure it’s the right one? …”. I don’t know how to continue further. I found the “secret function” but I have no idea with what to call it.

Solved, took a bit but this was a very cool challenge

Solved it too.
But have some questions about the solution.
If anyone feels like it, it would be nice to have a chat about it, feel free to reach me.
Thanks

@trebla said:

I think that I have found the name of the creator but I have weird characters between the two names and at the end of the string.

I got the same problem. Try doing what you are doing but on the whole file.

Hi, I’ve got to the exact same point.

At this moment I am able to decode all the “strings” found inside the asm, but the one with the name of the creator has garbage chars as stated before.

I tried to find other meanings to those “extra” hex codes but without any luck.

I’m pretty sure I’m decoding the correct hex because I was able to get it both by extracting the hex from the asm and both by getting an already decoded string from the asm (with a little patch).

Do you have any suggestion on this?
Thanks!

Ok, I finally did it… this morning I suddenly woke up with a possible solution on my mind about why I had some “garbage” characters, took the pc and fixed the decoding XD
:slight_smile:

Anyone willing to mentor me on this one? I’m not an experienced debugger… still learning the basics.
I can understand, on a high level, what the program is doing and I’ve found flags and strings that appear to be part of the solution.
Looking online for the solution is not the way that I want to go, so if anyone is willing to spend some cycles with me, that would be awesome :slight_smile:

Thanks!

Can someone PM for this challenge? Maybe I can help you with whatever you are stuck with.

Fantastic challenge! I neither patched the binary nor used a script. I first went through the ‘obvious’ / ‘visible’ part of the code with disassembler and debugger … to find out that I am really ‘not sure’ if this the flag because of the ambiguity of the alleged solution.

Then I tried to really solve it by reading the rest of the assembly, analyzing what the remaining stuff does or better, would do.
As this part is to some extent similar to the rabbit hole, it may help to have ploughed through the other stuff in detail through it’s not really required.

I made a patch on the binary and found the name of the authors. Using the original binary and the same argument it was possible to get the flag, but I don’t know why the portal isn’t accepting. It should be HTB{flag}, right? Should I convert to l33t speak?