CTFtime.org / Affinity CTF 2019 - Quals / backdoor / Writeup

Tags: ghidra ida rev

Rating: 5.0

Backdoor was a packed, 64bit ELF binary. A 500 point reverse. When we run the binary it apparently acts exactly similar to mkfifo command line util. Running strace shows it actually executes mkfifo from /bin.

Solved using ghidra and dynamic analysis using IDA.

Original writeup (https://anee.me/backdoor-reverse-affinity-ctf-2019-6fb37dc20563).

backdoor

Comments

Sign in with