Engineering

UTCTF wirteup [basics] re

[basics] re

100

I know there's a string in this binary somewhere.... Now where did I leave it?

by balex

stringsコマンドでファイル中の文字列を調べます。
$ strings calculator 
/lib64/ld-linux-x86-64.so.2
& 1y
libc.so.6
__isoc99_scanf
__stack_chk_fail
printf
__libc_start_main
__gmon_start__
GLIBC_2.7
GLIBC_2.2.5
GLIBC_2.4
UH-H
AWAVA
AUATL
[]A\A]A^A_
Enter an operator (+, -, *,): 
Enter two operands: 
%lf %lf
%.1lf + %.1lf = %.1lf
%.1lf - %.1lf = %.1lf
%.1lf * %.1lf = %.1lf
%.1lf / %.1lf = %.1lf
Error! operator is not correct
utflag{str1ng5_15_4_h4ndy_t00l}
;*3$"
フラグは、
utflag{str1ng5_15_4_h4ndy_t00l}

Quals: Saudi and Oman National Cyber Security CTF writeup I love this guy

Category:Malware Reverse Engineering
Level:medium
Points:100

Points

Can you find the password to obtain the flag?


fileコマンドでファイルタイプを確認します。.NETアプリケーションです。
$ file ScrambledEgg.exe 
ScrambledEgg.exe: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dnSpyで.NETアプリケーションを逆コンパイルします。逆コンパイルされたソースコードのButton_Clickイベントの箇所を確認します。
public char[] Letters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ{}_".ToCharArray();

private void Button_Click(object sender, RoutedEventArgs e)
{
string value = new string(new char[]
{
this.Letters[5],
this.Letters[14],
this.Letters[13],
this.Letters[25],
this.Letters[24]
});
if (this.TextBox1.Text.Equals(value))
{
MessageBox.Show(new string(new char[]
{
this.Letters[5],
this.Letters[11],
this.Letters[0],
this.Letters[6],
this.Letters[26],
this.Letters[8],
this.Letters[28],
this.Letters[11],
this.Letters[14],
this.Letters[21],
this.Letters[4],
this.Letters[28],
this.Letters[5],
this.Letters[14],
this.Letters[13],
this.Letters[25],
this.Letters[24],
this.Letters[27]
}));
}
}
valueとTextBoxの入力値を比較しています。valueは、
FONZY
なので、入力するとフラグが表示されます。
フラグは、
FLAG{I_LOVE_FONZY}
記事検索
ギャラリー
  • TetCTF 2023 NewYearBot
  • UUT CTF writeup Find The Password
  • UUT CTF writeup The Puzzle
  • Hack Zone Tunisia 2019 writeup Microscope
  • Hack Zone Tunisia 2019 writeup Welcome
  • SwampCTF 2019 writeup Brokerboard
  • SwampCTF 2019 writeup Leap of Faith
  • SwampCTF 2019 writeup Last Transmission
  • CBM CTF 2019 writeup Long road
カテゴリー