unpackme-upx picoCTF Reverse Engineering writeup

-

 

Description

Can you get the flag? Reverse engineer this binary.
 
Hint: 
 
What is UPX?

Solution

First I was trying to see upx and i downloaded it
 
sudo apt install upx
 
check out this link to learn more about upx
 
https://upx.github.io/
 
It is free open source executable packer and decompresser tool and as the hint for this challenge says we have to check upx and how it works.

Step-1:

Lets decompress our packed executable file 

 
 
 
Step-2: 

Now we can disassemble or de-compile. we can do what ever we want to the binary

Personally, I use radare2 for disassemble 
Now Lets Disassemble the program






So here is our disassembled code

at 0x00401e9c the program print what is my favorite .....

at 0x00401ec0 it takes input using scanf function

at 0x00401ec8 the program is trying to compare the integer we input and this hex 0xb83cb

Step-3:
 
 Lets try to convert it to decimal the hex


Now lets try this integer as an input 



Flag:

picoCTF{up><_m3_f7w_5769b54e}

Conclusion:

The whole point in this challenge to learn about upx and how to compress and decompress binaries

Comments

Post a Comment

Popular posts from this blog

flag [pwn]pwnable.kr game writeup

-
Image
                                flag [pwn]pwnable.kr game writeup Description Papa brought me a packed present! let's open it. Download : http://pwnable.kr/bin/flag This is reversing task. all you need is binary     Step-1: As the description says the binary is packed so lets see if we can do smtg.  UPX 😋 Step-2: Lets unpack the binary Step-3: Lets disassemble and get the flag........................... Personally I use radare2 mostly  Flag: UPX...? sounds like a delivery service :)
Read more

droid2 picoCTF Reverse Engineering writeup

-
Image
Description Find the pass, get the flag. Check out this file .   Solution    lets decompile the app using jadx-gui    Link to download jadx-gui   wget https://github.com/skylot/jadx/releases/download/v1.1.0/jadx-1.1.0.zip unzip jadx-1.1.0.zip -d jadx cd jadx ./jadx-gui           Lets launch and open two.apk and seek to com.hellocmu.picoctf.FlagstaffHill         At this function we have seen an array containing string and the if condition is trying to access the array.   Above that there is a variables and i try to represent those like this      then I create a simple python program because I don't like in Java for real. here is the program         Now, lets try this password    dismass.ogg.weatherwax.aching.nitt.garlick   Flag: picoCTF{what.is.your.favourite.colour}    
Read more

Malware Development Basics

-
Image
  Malware is malicious software specifically designed to damage, steal, or exploit information from computer systems and networks. It can take various forms, such as viruses, worms, Trojans, ransomware, and spyware. Developing, distributing, or using malware is against the law and can lead to severe legal consequences, including fines and imprisonment. It is essential to use your programming skills for legitimate and ethical purposes, such as creating useful applications, enhancing cybersecurity, and contributing positively to the digital world. If you are interested in cybersecurity, ethical hacking, or learning how to protect computer systems from potential threats, there are legitimate and legal ways to pursue knowledge and training in these fields. There are various courses, certifications, and resources available that focus on ethical hacking and cybersecurity practices. By choosing the ethical path, you can contribute positively to society and help create a safer and more sec...
Read more