Extreme Coders Posted November 1, 2015 Share Posted November 1, 2015 (edited) This is a CTF style challenge. Objective : You need to find the flag which will print the good boy messageRules : Everything is allowed Have fun! Virustotal scanfindtheflag.rar Edited November 1, 2015 by Extreme Coders 4 Link to comment Share on other sites More sharing options...
GIV Posted November 2, 2015 Share Posted November 2, 2015 (edited) Stupid patch. findtheflag1.rar Edited November 2, 2015 by GIV 3 Link to comment Share on other sites More sharing options...
Extreme Coders Posted November 2, 2015 Author Share Posted November 2, 2015 @GIV: Good Work. A little hint if someone else is interested in finding the actual flag. It consists of exactly 30 printable ascii characters. 1 Link to comment Share on other sites More sharing options...
GIV Posted November 2, 2015 Share Posted November 2, 2015 (edited) They can do a simple compare of my patched file with original file. Is just a byte patch.Is a xor and a compare operation and a simple jump to pass the bad boy message. I have searched in memory the bad boy string, put a hwbp on access on the first letter then when it was triggered i looked in the call stack to see from where it was accessed and forward using the stack i have reached the actual check routine.I have no patience to recompose the original string just i have put a compare to be equal (EAX=0) and so the program jumps always to good boy. Edited November 2, 2015 by GIV Link to comment Share on other sites More sharing options...
SmilingWolf Posted November 2, 2015 Share Posted November 2, 2015 (edited) The thing is, in an actual CTF you'd need the string. C'mon yer ol' lad, put a little extra effort in this, at least it is not the usual "überpacked" .NET file, too much of that sith has been posted here in the last year... Edited November 2, 2015 by SmilingWolf 2 Link to comment Share on other sites More sharing options...
Solution kao Posted November 2, 2015 Solution Share Posted November 2, 2015 (edited) flag{Y0u_s0lved_that_r1ght!!!} EDIT: I enjoyed it so much that I think it deserves a small writeup. Coming up in few hours.. Edited November 2, 2015 by kao 11 Link to comment Share on other sites More sharing options...
Extreme Coders Posted November 2, 2015 Author Share Posted November 2, 2015 That was quick. I am literally out of words. You actually deserve a prize for this. Link to comment Share on other sites More sharing options...
kao Posted November 2, 2015 Share Posted November 2, 2015 Here's the writeup: http://lifeinhex.com/solving-find-the-flag-crackme-by-extreme-coders/ 6 Link to comment Share on other sites More sharing options...
Jasi2169 Posted November 2, 2015 Share Posted November 2, 2015 (edited) Where there is no hope there is KAO oh not to forget tonyweb Edited November 2, 2015 by Jasi2169 Link to comment Share on other sites More sharing options...
Gyrus Posted November 3, 2015 Share Posted November 3, 2015 Thank you Extreme Coders, nice challenge.flag{Y0u_s0lved_that_r1ght!!!} Attachments include cleaned (NOPed) executable findtheflag1.p1.rar a Mathematica nb file plus its html output Untitled-2.rar pseudo-code maincode.txt 3 Link to comment Share on other sites More sharing options...
Extreme Coders Posted November 3, 2015 Author Share Posted November 3, 2015 @Gyrus: Excellent work. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now