After failing with the basic `file`, `strings`, `grep` and `ltrace` commands on the terminal, we will first use Ghidra to analyze the "a.out" executable.
Install Ghidra from the NSA's website: https://ghidra-sre.org/
(make sure you have a JDK installed to run Ghidra).
Radare2 can also be used.
The source code is extracted by disassembling the executable with Ghidra (main.c).
Analyze:
i. The assembly code, to view the addresses of the "SUCCESS" and "FAILURE" prompts.
ii. We also see that the flag variable has 16 bytes allocated, so the flag would be 15 characters in length (the last byte is for the NULL terminator).
We will now use angr and write a Python script (flagfinder.py).
After running the script we get the flag, i.e. CTF{S1MDf0rM3!}
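One way such an angr script can look, as an added example (it is not the flagfinder.py from this write-up). It assumes the binary reads the flag from stdin, that the flag starts with `CTF{` and ends with `}`, and that the prompts contain the text SUCCESS or FAILURE; it matches on that output instead of the prompt addresses, which are not listed here. `solve` and `plausible_flag` are hypothetical names.

```python
import sys

FLAG_LEN = 15      # 16-byte buffer minus the trailing NUL, per the analysis above
PREFIX = b"CTF{"   # assumed flag format


def plausible_flag(candidate: bytes) -> bool:
    """Sanity-check a solver result before trusting it."""
    return (len(candidate) == FLAG_LEN
            and candidate.startswith(PREFIX)
            and candidate.endswith(b"}")
            and all(0x21 <= b <= 0x7E for b in candidate))


def solve(binary_path: str) -> bytes:
    import angr, claripy   # imported lazily: only needed when solving

    proj = angr.Project(binary_path, auto_load_libs=False)
    # One 8-bit symbolic variable per flag character.
    chars = [claripy.BVS(f"flag_{i}", 8) for i in range(FLAG_LEN)]
    flag = claripy.Concat(*chars)
    # Assumption: the flag is read from stdin, newline-terminated.
    stdin = claripy.Concat(flag, claripy.BVV(0x0A, 8))
    state = proj.factory.entry_state(stdin=stdin)
    for i, c in enumerate(chars):
        state.solver.add(c >= 0x21, c <= 0x7E)   # printable, no whitespace
        if i < len(PREFIX):
            state.solver.add(c == PREFIX[i])     # pin the assumed prefix
    state.solver.add(chars[-1] == ord("}"))

    simgr = proj.factory.simulation_manager(state)
    # Keep paths whose stdout shows the success prompt, drop failing ones.
    simgr.explore(
        find=lambda s: b"SUCCESS" in s.posix.dumps(1),
        avoid=lambda s: b"FAILURE" in s.posix.dumps(1),
    )
    if not simgr.found:
        raise RuntimeError("no path reached the SUCCESS prompt")
    result = simgr.found[0].solver.eval(flag, cast_to=bytes)
    if not plausible_flag(result):
        raise RuntimeError(f"implausible solver result: {result!r}")
    return result


if __name__ == "__main__":
    print(solve(sys.argv[1] if len(sys.argv) > 1 else "./a.out").decode())
```

If the prompt addresses from the Ghidra listing are at hand, they can be passed to `find=` and `avoid=` in place of the two lambdas, which usually prunes failing paths earlier.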
https://docs.angr.io/
https://osandamalith.com/2019/02/11/linux-reverse-engineering-ctfs-for-beginners/
https://github.com/Dvd848
https://www.youtube.com/watch?v=75gBFiFtAb8