[Reversing] Exatlon

Type your comment> @k4wld said:

This box is insane.

I agree

really cool challenge
eline sağlık OctopusTR :slight_smile:

Could use a nudge as well. Spent hours in ghidra finding tons of strings, none that make much sense. Found nothing in the functions either.

This box was nice :smile:

pm for a nudge

If I were to try this in GDB, how would I get around the fact that no file table is loaded.

Kinda a noob here, just started learning reversing.

Edit: Just figured it out using Ghidra to grab the addresses

Type your comment> @m0tic said:

Type your comment> @rshackleford85 said:

yeah i found what i believe is a possible password but it’s a long string and the program won’t accept it as a password. i’ve also checked for bitwise operations to see if it and’s or xor’s the string but i just confused myself even more. any nudges would be appreciated. thx

You are in the right direction. I would suggest to enter any character as the user input (for instance a ‘Z’) and see how the program transforms such value and compares it with the string that you have found. Try the same with a ‘Y’, and so on until you find the pattern.

@Sparre this hint is just golden imo. hope it helps

Coming from C where the function calls are really nice and clean to whatever this is:

<std::basic_ostream<char, std::char_traits<char> >& std::operator<< <std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> 
>&, char const*)>

is a little rough. Could someone explain to me how to read the C++ function calls?

Edit: I determined it wasn’t necessary. Had a lot of fun with this box, DM if you need a hint

C++ literally has inbuilt obfuscation, such a pain to use gdb

Key here is not to over think it :smiley:

Hello,
can somebody help me solving this challenge? I have a long term of numbers with three or four symbols, but no combinations seems to work as password. I have read this term must be decrypted, can someone give me a hint?

even though i had figured how to get the flag, did not seem time effective to do it character by character… i ended up spending more time trying to completely automate the brute force process with python and gdb. Fun challenge though, learned a lot!

@pedagil said:

even though i had figured how to get the flag, did not seem time effective to do it character by character… i ended up spending more time trying to completely automate the brute force process with python and gdb. Fun challenge though, learned a lot!

It is possible to solve this without brute-force. If you want to know more, feel free to PM me :wink:

If anyone could help, it would be great.
I’ve found the numbers string but have no idea how to decrypt it

@saibafaita said:

If anyone could help, it would be great.
I’ve found the numbers string but have no idea how to decrypt it

Look at what happens before and reverse it :wink:
Feel free to PM, if that’s too cryptic.

Edit: Just saw you already PM’d me :blush:

Well, i took a bit more time since i never read c++ code (nor its assembly form) but the solution is way easier (and less time consuming) to get than by brute forcing it !

That one simple instruction in the middle of it needed a bit of attention !

very nice

After I got the sequence of numbers I passed almost two days trying to understand how to get the password. I couldn’t, I needed to get some more tips to reach the solution. This box was different, I liked it.

Guys, could you please tell me, what system does this binary run on? It does not work on the newest Kali, oldes Ubuntu… What system did you start it?

@crowman said:

Guys, could you please tell me, what system does this binary run on? It does not work on the newest Kali, oldes Ubuntu… What system did you start it?

What does the file command tell you about the file type? Also, you don’t necessarily need to run it, to solve it :wink:

Type your comment> @HomeSen said:

@crowman said:

Guys, could you please tell me, what system does this binary run on? It does not work on the newest Kali, oldes Ubuntu… What system did you start it?

What does the file command tell you about the file type? Also, you don’t necessarily need to run it, to solve it :wink:

Hello! I’ve solved it. Actually i had to run it at least once to see if it works =) File was broken, that was the problem. This case no matter what file command gives us, cuz it’s gonna be a bit difficult to go forward. Yup, and solved without debugger.
Thanks, HomeSen

Thanks @m0tic for the hint of trying input one chr at a time, and @HomeSen 's cryptic “It is possible to solve this without brute-force.” wink wink.
Well I only know ASCII so.