This is the third in a series of introductory Reversing Challenges; Reyjkavik, Riyadh and Rangoon. These are designed for people new to Reversing. A little gdb, C and Assembler knowledge should be enough to solve this challenge. Good Luck!
Note that once you solve the challenge, you can use the flag to decrypt the source file used to create the challenge if you are interested in seeing the original C program.
The LiveOverflow channel on YouTube has some great tutorials on reversing, this video has almost everything you need to solve this challenge: https://www.youtube.com/watch?v=VroEiMOJPm8
Discussion
Sneaky... To anyone who is confused: maybe you should look at how buffer, to which flag is compared, changes. Is it always the same or does it depend on something? Final hint: what is ASCII character for 0x5F?
Anyway, great challenge, definitely worth more than just 10 points. Thanks for your work, will move on to your next CTF!
This challenge is definitely worth more than just 10 points :/
I made it 10 points because it is a very simple reversing challenge. I understand that is more complex than RubberDuck which is also only worth 10 points.
Sneaky... To anyone who is confused: maybe you should look at how buffer, to which flag is compared, changes. Is it always the same or does it depend on something? Final hint: what is ASCII character for 0x5F?
Anyway, great challenge, definitely worth more than just 10 points. Thanks for your work, will move on to your next CTF!
Look in the assembly for checks against the location of the '_' character. Then compare that location to the size of the available input strings. Look at how those checks affect local variables.
4 days ago
when I want to analyze this file in gdb, it says: don't know how to run. I've tried many solutions from GPT or reddit/stackflow and it doesnt want to work. Someone could help me?