room info  
Name: Reversing ELF
OS: Binaries
Difficulty: Easy
Link: TryHackMe

   

Crackme1

Just executing the file gave us the flag

┌──(n4ruto㉿iasad.me)-[~/CTFs/tryhackme/reversing-ELF]
└─$ chmod +x crackme1

┌──(n4ruto㉿iasad.me)-[~/CTFs/tryhackme/reversing-ELF]
└─$ ./crackme1                                             
flag{not_that_kind_of_elf}

 

  flag   flag{not_that_kind_of_elf}

 

Crackme2

Our input is compared with a hard-coded string. retrievable using strings or ltrace.

Untitled

 

  flag   super_secret_password

 

Crackme3

Once again, we encounter a base64-encoded string within the character sequences. Decoding it reveals the password: f0r_y0ur_5ec0nd_le55on_unbase64_4ll_7h3_7h1ng5.

Untitled

 

  flag   f0r_y0ur_5ec0nd_le55on_unbase64_4ll_7h3_7h1ng5

 

Crackme4

Again our input is compared with actual flag that we can retrive using ltrace

Untitled

 

  flag   my_m0r3_secur3_pwd

 

Crackme5

Opening the binary in Ghidra, we can see that every character of the password is saved in a separate veriable. We can retrieve the password by converting value of each variable from hex to char.

Untitled

Since the string is compared with our input, we can use ltrace to retrieve it easily.

Untitled

 

  flag   OfdlDSA|3tXb32~X3tX@sX`4tXtz

 

Crackme6

Again opening the binary in Ghidra, we can see the password is 1337_pwd.

Untitled

 

  flag   1337_pwd

 

Crackme7

Analyzing the binary in Ghidra, we see that the flag is printed when we put option value 31337

 

Untitled

 

┌──(n4ruto㉿iasad.me)-[~/CTFs/tryhackme/reversing-ELF]
└─$ ./crackme7
Menu:

[1] Say hello
[2] Add numbers
[3] Quit

[>] 31337
Wow such h4x0r!
flag{much_reversing_very_ida_wow}

 

  flag   flag{much_reversing_very_ida_wow}

Crackme8

This one is similar to crackme7, we just have to put option value -889262067 to get the flag.

Untitled

 

┌──(n4ruto㉿iasad.me)-[~/CTFs/tryhackme/reversing-ELF]
└─$ ./crackme8 -889262067
Access granted.
flag{at_least_this_cafe_wont_leak_your_credit_card_numbers}

 

Untitled

 

  flag   flag{at_least_this_cafe_wont_leak_your_credit_card_numbers}