WriteUp — THM Reversing ELF

Jari Laurila
Oct 25, 2020


Room for beginner Reverse Engineering CTF players

This is a writeup for the TryHackMe room Reversing ELF.

Crackme1

Just run the binary.

Crackme2

strings crackme2 | grep password

Crackme3

strings crackme3 | grep == | base64 -d
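
An added example, not part of the original writeup: a Python equivalent of the strings | grep == | base64 -d pipeline, extended to also catch base64 values that carry no == padding. The sample blob and both encoded values are constructed for illustration and do not come from the room's binaries.

```python
import base64
import re

B64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")

def printable_strings(blob: bytes, min_len: int = 4):
    """Yield runs of printable ASCII, the way strings(1) does by default."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    for match in re.finditer(pattern, blob):
        yield match.group().decode("ascii")

def decode_base64_candidates(blob: bytes, min_len: int = 16):
    """Return (encoded, decoded) pairs for strings that decode to printable text."""
    hits = []
    for s in printable_strings(blob):
        # Valid base64 has a length that is a multiple of 4 and a fixed alphabet.
        if len(s) < min_len or len(s) % 4 or not B64_RE.match(s):
            continue
        try:
            raw = base64.b64decode(s, validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue
        # Keep only results that look like text; random symbol names decode to junk.
        if raw and all(0x20 <= b <= 0x7E for b in raw):
            hits.append((s, raw.decode("ascii")))
    return hits

# Constructed sample: ELF-like bytes with two base64 values among ordinary strings.
PADDED = base64.b64encode(b"constructed-demo-password")   # ends in "=="
UNPADDED = base64.b64encode(b"unpadded-sample-24")        # no padding; grep == misses it
SAMPLE_BLOB = (
    b"\x7fELF\x02\x01\x01" + b"\x00" * 9
    + b"Usage: %s password\x00"
    + PADDED + b"\x00"
    + b"strcmp\x00/lib64/ld-linux-x86-64.so.2\x00"
    + UNPADDED + b"\x00\x01\x02\x03"
)

if __name__ == "__main__":
    for encoded, decoded in decode_base64_candidates(SAMPLE_BLOB):
        print(f"{encoded} -> {decoded}")
```

Base64 is an encoding, not protection: anything stored this way in a shipped binary is readable by whoever holds the file.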

Crackme4

ltrace ./crackme4 foo
__libc_start_main(0x400716, 2, 0x7ffeafaa2c98, 0x400760 <unfinished ...>
strcmp("__REDACTED__", "foo") = 7
printf("password "%s" not OK\n", "foo"password "foo" not OK
) = 22
+++ exited (status 0) +++

Crackme5

ltrace ./crackme5    
__libc_start_main(0x400773, 1, 0x7ffd22b18c58, 0x4008d0 <unfinished ...>
puts("Enter your input:"Enter your input:
) = 18
__isoc99_scanf(0x400966, 0x7ffd22b18b10, 0, 0x7f5c20294ff3foo
) = 1
strlen("foo") = 3
strlen("foo") = 3
strlen("foo") = 3
strlen("foo") = 3
strncmp("foo", "__REDACTED__", 28) = 23
puts("Always dig deeper"Always dig deeper
) = 18
+++ exited (status 0) +++

Crackme6

Open the binary with the Cutter RE platform. Inspect the source code.

Crackme7

Use Cutter again. Figure out that a certain input will make the program call giveFlag().

Run the program with the given input and grab the flag.

Crackme8

Use Cutter. Figure out the number to compare against and enter it as an argument.

That’s all folks!
