Welcome to the Rio32 Reversing Challenge

This is designed as a simple reversing challenge for people new to Reversing.

The source is C program compiled as a 32 bit exe.

Thanks to @Rivit for suggesting doing a new challenge different than providing the flag as an argument.

This challenge is designed to be solved via gdb, but you could also solve it using Ghidra and try to extract the
flag directly.  I think it is probably easier to solve via gdb.

I have included a few screenshots from Ghidra if you are unfamiliar with Ghidra.
(See https://www.youtube.com/watch?v=fTGTnrgjuGA for more information on Ghidra).

One screenshot shows the disassembler for the main function and some of the important logic for
solving the challenge.

The other screenshot shows the disassembler for InitData which is where the flag data is encoded / hidden.  You
can step over InitData (and also GetFlag), you don't need to understand these two functions to solve the challenge.
The challenge is designed to be solve by simply single stepping through the main function and not stepping into
any functions.  As you are single stepping through the main function, you will probably want to change a few
register values in gdb and you can do this via: set $eax = value

Thanks to @Rivit and @Vidar for solving the challenge before I posted it to ctflearn.com; their comments and
suggestions made it better!

Good Luck!

-------------------------------------------------------------------

This challenge is a 32 bit C program.  If the program does not run on your Linux box, you may need to install this
additional package:

https://zoomadmin.com/HowToInstall/UbuntuPackage/gcc-multilib
https://askubuntu.com/questions/453681/gcc-wont-link-with-m32

I developed this challenge on Ubuntu 20.04.1 LTS with gcc 9.3.0.

-------------------------------------------------------------------

When you solve this challenge, I think you should be able to see the sources used to create the challenge.

So to see the source files used to create the challenge you have to solve the challenge first, then
you can use the challenge flag you found to decrypt the sources.zip.enc file provided:

openssl enc -d -aes-256-cbc -pbkdf2 -in sources.zip.enc -out sources.zip -k kernel

where kernel is defined as CTFlearn{kernel} based on the flag you found solving the challenge.

If you are not familiar with openssl:
openssl enc -help
shows the options available

Solve the challenge, get the flag, then you can decrypt and read the sources.

--------------------------------------------------------------------

Please do not post this challenge to any websites.
Please do not post the solution to this challenge to any websites.
Please do not post the flag for this challenge to any websites (including CTFlearn.com ).
Please do not share the source files in sources.zip with anyone or upload them to any website.
Please do not create your own challenge from my sources.
Thank you.

-----------------------------------------------------------------------

I am available on Twitter and Discord as @kcbowhunter, but I'm afraid you will have to
do your own research / learning on Reverse Engineering.  I have provided some online
resources in the file 'reversing' to get you started if you are wondering how to begin learning
Reverse Engineering.





