SECCON Beginners 2022 writeup
This weekend, I participated the SECCON Beginners CTF. I took some reversing problems and solved a couple of them.
Quiz
An ELF file was given when decompressed a given file.
In many rev challenge for beginner, the flags can be obtained by using the STRINGS command.
Recursive
An ELF file was given.
The main function of recursive is below.
In line 18, it compared correct FLAG with an input in line 15. If the input was correct, return value will be 0.
Now, let's see the check function.
In line 13, it compared whether the length of string was 1 or not.
Between line 19 and 21, it divided the string (which is param_1) into 2 equal parts. This was repeated until the length of string was 1, thus the name of this challenge was RECURSIVE.
In line 14, it compared with correct FLAG one character by one character.
I didn't know smart way to solve this, so using GDB and obtained the flag.
Ransom
An ELF file, a pcap file and an encrypted file were given.
Let's see the ELF file first.
FUN_001016a2 was the main function.
In line 45, the result of FUN_0010157f was written in line 34. It was sent to 192.168.0.255 in line 62.
It looked like a RC4 algorhythm. Therefore, the data sending to 192.168.0.255 was a key to decrypt it. Let's see the pcap file with WireShark.
A string "rgUAvvyfyApNPEYg" was a key for encrypted file. Now, using Cyberchef, you can solved this challenge.
