Medium Live

Rabat Reversing Challenge

50 points

11 Solves

Reverse Engineering

kcbowhunter ctflearn++ badge

Community Rating: 5.00 / 5

Headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

This Reversing Challenge is created using assembly language. I've done a few things to confuse Ghidra / IDA Pro to make it interesting for you.

At some point in your analysis you may come to a point where it appears you need to brute force approximately 10^32 values... there is an easier way if you examine all of the assembly code. No need to brute force this challenge.

If you are interested the source files used to build the challenge are available after you solve the challenge - see the readme for details. Good Luck!

Once you solve it I'd love to hear about your approach and what you found easy and difficult about the challenge. Thanks!

First 10 Solvers

Rank Username
1 Rivit
2 Gilad ctflearn++ badge
3 3cd54
4 momo1
5 1GN1tE
Rank Username
6 Canlex
7 gecvae
8 Ichild
9 iknip
10 itisme

Comments

    • itisme

      Protected 0.0

      [REDACTED] This comment is only shown to users who have solved this challenge.

      • kcbowhunter ctflearn++ badge

        Protected 0.0

        [REDACTED] This comment is only shown to users who have solved this challenge.

    • Ichild

      0.0

      I don't know why but when I just run it, without gdb, it always shows debugger detected

      • kcbowhunter ctflearn++ badge

        0.0

        It shouldn't do that, how fast is your computer? There is a timing test to detect the debugger. Do you know how to patch the binary to remove the jmp after the debugger test? Or I can build you a new version which allows more time when running outside the debugger. Sorry for the problem you are having.

        • Ichild

          0.0

          Thanks, but that doesn't matter for me, I've solved it without debugger or running it correctly.

    • gecvae

      Protected 0.0

      [REDACTED] This comment is only shown to users who have solved this challenge.

      • kcbowhunter ctflearn++ badge

        Protected 0.0

        [REDACTED] This comment is only shown to users who have solved this challenge.

    • 1GN1tE

      Protected 0.0

      [REDACTED] This comment is only shown to users who have solved this challenge.

      • kcbowhunter ctflearn++ badge

        Protected 0.0

        [REDACTED] This comment is only shown to users who have solved this challenge.

    • momo1

      Protected 0.0

      [REDACTED] This comment is only shown to users who have solved this challenge.

      • kcbowhunter ctflearn++ badge

        Protected 0.0

        [REDACTED] This comment is only shown to users who have solved this challenge.