re
Packed
solved by : avantika(@iamavu)
we are given a binary, called packed i.e this has been obfuscated/packed by the dev, which hinders our exploitation and reversing as it’s very hard to understand what’s going on
we use checksec command provided by pwntools to check which packer they have used
pwn checksec packed
as we can observe it has been packed with UPX, quite the popular packer, now we just need to unpack it to see all the functions properly, so we can dissect it using the following command
upx -d -o unpacked packed
we would now have binary called unpacked in our current directory, which will be unpacked and not obfuscated
fire up your ghidra, let’s have a look at the functions, the entered
function has our flag in plaintext, so pretty much easy win
HTB{unp4ck3d_th3_s3cr3t_0f_th3_p455w0rd}
pwned!
LootStash
Solved by : Starry-lord
Since I don’t really dive into reversing usually, I decided to try my luck with tools like ghidra for the occasion.
We can see the binary seems to output a random string, searched into a list then closes the program.
Immediately curious to see what was the list, I looked for it into ghidra and eventually cycling through the functions, you can find it.
Then curiosity made the rest possible, since i wanted to find some sort of pattern or something that would stand out:
After all of this, realised you could’ve actually just used strings:
HTB{n33dl3_1n_a_l00t_stack}
Boxcutter
Solved by : thewhiteh4t
- Very simple challenge, all we had to do is load the binary in GDB and go few instructions forward and we get the flag, free points.