Friday, November 3, 2017

Can-CWIC CTF | Rev Me Easy

CTF:
Can-CWIC CTF

Challenge:
Rev Me Easy

Classification:
Rev



Downloading the source code and running objdump on it, we can see the following output:




Pretty simple to see what's going on here: Hex values are being moved into the edx register and then xor'd with eax, which we can see from the first instruction is 0x10. So let's collect all of these edx values, xor them with 0x10, and see if we get anything interesting to work with.

To do this, we can create a simple python script:



Running this we get the following:



And that's all she wrote, folks--our flag! Reversing this was indeed easy!



0 comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Powered by Blogger.