Medium Live


40 points

5 Solves

Reverse Engineering


kcbowhunter

Community Rating: 5.00 / 5

This is a 32-bit C program reversing challenge. The challenge is designed to be solved from gdb, although disassembling in Ghidra or IDA would probably help find some key information. I provide some screenshots from Ghidra if you are not familiar with Ghidra. If you are new to reversing, you can solve this challenge from within gdb using set $eax=value (and maybe a few other registers too). There is a function InitData() with a lot of data used to hide the flag in the exe. You do not need to step into or debug InitData(). This is also true for the function GetFlag()... you don't need to understand this function to solve the challenge.

Some versions of Ubuntu do not ship with 32-bit libraries for gcc. If you can't run the Rio32 program, instructions are included in the readme to install the package you probably need.

If you run angr on the Rio32 exe, please leave a comment indicating if angr could find the flag.

Thanks to @Rivit and @Vidar for solving versions of the challenge while it was under development; they helped make it better!

Once you solve the challenge you can use the flag to decrypt the sources and see how the challenge was created if that interests you. Instructions are provided in the readme.

Thanks and good luck!

First 10 Solvers

Rank Username
1 Rivit
2 Gilad
3 RatsCantRap
4 acdwas
5 kuohaohaha

  • RatsCantRap

    Nice challenge! Reasonably easy to reverse what is needed. I feel like trying to solve InitData() and GetFlag() could be a challenge on its own.

    • kcbowhunter

      It was meant as an easy reversing challenge, and I put a lot of work into InitData and GetFlag so that the flag cannot be found with strings or just by xor'ing some bytes. Certainly reversing those two functions would be more challenging.