English [Internetwache CTF 2016] [Reverse 60 – File Checker] Write Up

Description

Internetwache CTF 2016 : File Checker
Category: Reversing Points: 60 Solves: 190 Description:

Description: My friend sent me this file. He told that if I manage to reverse it, I’ll have access to all his devices. My misfortune that I don’t know anything about reversing :/

Attachment: rev60.zip

Resolution

We first run a file on the binary given:

laxa:Challenges:00:28:43$ file filechecker 
filechecker: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=0x617e4c56b55182a13d2c8c7f3aed05c2a6cc355b, stripped

Then we crawl IDA to search for interesting informations and we get the following piece of codes:

filechecker

I then make a little C# script to reverse the process and we get the flag:

using System;
using static System.Console;

namespace FileChecker
{
    class Program
    {
        static void Main()
        {
            int[] arr = Array.ConvertAll("4846,4832,4796,4849,4846,4843,4850,4824,4852,4847,4818,4852,4844,4822,4794".Split(','), Int32.Parse);

            for (int i = 0; i < arr.Length; i++)
            {
                Write(Convert.ToChar(4919 - (arr[i])));
            }
            WriteLine();
            ReadKey();
        }
    }
}

Flag is: IW{FILE_CHeCKa}

Leave a Reply

Your email address will not be published.