Easy Live

Riyadh

10 points

80 Solves

Reverse Engineering

Easy

kcbowhunter ctflearn++ badge

Community Rating: 4.70 / 5

Another entry-level Reversing challenge; if you are new to Reversing you probably want to try my Reykjavik challenge before attempting this challenge. Good Luck! The flag is hidden inside the Riyadh program. Solve the Challenge, get the flag, and I have included the encrypted sources used to create the challenge in the Riyadh.zip file. If you do the work of solving the Challenge, I'm providing the Challenge source code (C++ and Python) if you are interested in studying the sources after solving the challenge. I think this is a great way to improve your Reversing skills when learning. Please don't share the sources or flag after you solve the challenge.


  • Londek

    As we all know, XOR is a basic element of encryption algorithms nowadays

    • Rivit

      Protected

      [REDACTED] This comment is only shown to users who have solved this challenge.

  • SunTzu

    I think it's worth more than 10 points

      • zapa1928

        Definitely more than 10. Or rather; many easier challenges are counted disproportionately more

        • kcbowhunter ctflearn++ badge

          It is hard to set the point value sometimes... my reasoning for 10 was because it's an entry level Reversing challenge with symbols included and I have a lot of ideas for more difficult challenges. But I understand also that this Reversing challenge requires more skills and work than say solving a 10 point Forensics challenge that only needs strings :-) I will probably not have any more 10 point reversing challenges so solvers are better rewarded for their efforts

          • zapa1928

            It's cool. Rather than wanting more points for the effort I was just surprised that the challenge wasn't as easy as I assumed based on previous challenges. Cheers XD

            • kcbowhunter ctflearn++ badge

              Thanks... and long term I'd like to create more challenges with C++, multi threading, with and without symbols, with and without sse registers etc, so by starting at 10 points I'm leaving room to add complexity gradually in future challenges. I'd also like to write a few challenges in Assembler using some techniques to make disassembly more difficult. I just wish we had more people interested in reversing, but hopefully these introductory level challenges will encourage more people to learn assembler and gdb and give Reversing a try, it's very interesting.

  • rasyidmf

    It took me about 1 hour. I think you need to change it to about 40 points. Also, I don't see any instructions either.

    • kcbowhunter ctflearn++ badge

      My (easier) reversing challenge Reykjavik has a number of links to tutorials etc for getting started in Assembly and Reversing.

    • kcbowhunter ctflearn++ badge

      There is a readme file provided and also a file named 'reversing' that lists some internet resources for learning Reversing. The YouTube videos by LiveOverflow are excellent if you have not seen them yet.

  • rasyidmf

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

  • SquidBoy

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

    • kcbowhunter ctflearn++ badge

      Protected

      [REDACTED] This comment is only shown to users who have solved this challenge.

    • kcbowhunter ctflearn++ badge

      Thanks... if you enjoyed this you might also enjoy my Rangoon Reversing Challenge.

  • SHaNTuDe

    Great challenges, I love the progression from easy to medium to hard. Up next: Rangoon

    • kcbowhunter ctflearn++ badge

      Glad you liked it, I have another one almost ready to submit called Recklinghausen

  • Tor1

    Bro, I am stuck, I can't change flag values ... HELP

    • kcbowhunter ctflearn++ badge

      Have you watched this video? https://www.youtube.com/watch?v=VroEiMOJPm8

      • Tor1

        I have; it helped in solving Reykjavik but not here.

        • kcbowhunter ctflearn++ badge

          Can you send me a private message on Twitter or Discord @kcbowhunter and describe your problem?

  • impregnable

    I am not understanding this line: cmp BYTE PTR [rbp+0x1c],al. I have watched the YouTube videos. Kindly help.

    • kcbowhunter ctflearn++ badge

      https://www.tutorialspoint.com/assembly_programming/assembly_conditions.htm

      http://www.c-jump.com/CIS77/ASM/Instructions/I77_0250_ptr_pointer.htm

      Google is your friend :-)

  • impregnable

    1. cmp BYTE PTR [rbp+0x1c],al

    2. je 0x1384 <main+644>

    I want the condition to be true so that it jumps. I have tried doing set $rax=$al and set $rax=0x1c, but I am not understanding how to do it, and I do not want to read the whole code and set the value of rax to the value of al because that's not the correct way. Kindly help, and I hope I am on the right way to get the flag.

    • kcbowhunter ctflearn++ badge

      Can you try just setting the CX register after the CMP instruction?

      • impregnable

        When I tried setting $rcx=$al (because the cmp instruction is comparing the byte ptr value with the value in al) it still did not jump.

        • kcbowhunter ctflearn++ badge

          I think you need to set the cx register to 0 after the compare

          • impregnable

            Bro, I set $rcx=0 after the cmp instruction but it still does not jump to (main+644). I doubt whether I am even on the right track or not.

            • kcbowhunter ctflearn++ badge

              I have a bunch of things to do today. Can you google 'linux gdb tutorial'?

    • kcbowhunter ctflearn++ badge

      Also gdb allows you to jump to a specified address: https://ftp.gnu.org/old-gnu/Manuals/gdb/html_node/gdb_112.html

      • impregnable

        The jump *address is showing: Program received signal SIGSEGV, Segmentation fault.

  • kitty5kull

    Protected

    [REDACTED] This comment is only shown to users who have solved this challenge.

    • kcbowhunter ctflearn++ badge

      Would you have the time to try angr on my Rio32 problem? I'm curious if angr can solve it. Thanks.

      • kitty5kull

        Protected

        [REDACTED] This comment is only shown to users who have solved this challenge.

        • kcbowhunter ctflearn++ badge

          Protected

          [REDACTED] This comment is only shown to users who have solved this challenge.

  • solvicus

    This was very interesting. Took me a day to figure it out but I'm a complete noob (started learning reverse engineering 3 days ago). Learned a lot.

    • kcbowhunter ctflearn++ badge

      Congrats for hanging in there and solving it. Ghidra is a great tool for helping with Reversing problems if you haven't tried it yet.