Sunday, December 17, 2017

InCTF | Rev Challenge: Time

Challenge:
Time

Category
Rev



Since this was an ARM file I couldn't find a way to run it on my machine, so I stuck to disassembling the binary file with Binary Ninja.

Looking at what was going on, I found a big segment of data that definitely looked like it could be important.



Working backwards from here, it became clear that the function that spits out the flag, uses this data, and looking at the disassembly, you can see that the program is taking each one of these hex values and XORing it with 0x7.



I created a Python script to do just that:



Running it we get the flag:



0 comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Powered by Blogger.