The objective of this challenge is to reverse the executable file to obtain the passcode to unlock the flag.
For this challenge, I used the Red Gate .NET Reflector to open the executable and view the source code.
The program validates the passcode by performing a bitwise XOR with a preset value (num2) and ensure it equal to another preset value (num3). In order to get the passcode, I just perform a bitwise XOR with num2 and num3.
0xc5ec4d790L ^ 0xf423abdb7L = 0xf1cfe6a27L
Convert the value to decimal value = 13371337255
Enter the passcode and ...
flag{I'll create a GUI interface using visual basic...see if I can track an IP address.}
Enter the flag and captured. 100 points
Once upon a time ^-^,
whit3sn0w
I don't understand, how do you do a bitwise XOR?
ReplyDeleteGreat writeups btw.
This comment has been removed by the author.
ReplyDeleteHi jimmy,
ReplyDeleteBitwise XOR is done by perform the XOR operation on corresponding bits of two equal length bit pattern.
Let's take a look at 0xc5ec4d790L,
0x means that the number is a hexadecimal and the suffix L means it is a long type.
You can either convert the hexadecimal to binary to do XOR on every corresponding bit manually or you can use the calculator from windows and set it to Programmer mode (View > Programmer). Set it to Hex and punch in the number without x0 and suffix L and do the XOR operation and you will get the answer in Hex. Select the Dec check box, you will get the decimal value which is the flag.
The reason I did an XOR to get the flag is because of the nature of XOR operation.
A XOR B = C
C XOR B = A
A XOR C = B
Hope that this helps =)
whit3sn0w
Correction: The decimal value is passcode not the flag.
ReplyDeleteYeah thats fantastic! Thanks for your help.
ReplyDelete