Tags: elf ltrace strace 


# Abstract
For the detailed version see the [Github page](https://github.com/KamilPacanek/writeups/blob/master/ctf/HTB.CA2021/passphrase.md).

## ToE
We are given the `passphrase` file.

## Analysis

First things first, analyze what we have with file:

$ file passphrase

passphrase: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked,
interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=60f6b6064d2e34a2b6a24dda9feb943b0b8c360f, not stripped

Symbols are left within the executable. This is good as it makes working with the file easier. Then I did quick lookups with `ns`, `objdump`, `ldd` and it helped me to establish that program compares user input with some string. So we need to find that string.

I'm using `strace` and `ltrace` having the latter one to show me the value I was looking for.

strlen("\nTell me the secret passphrase: "...) = 32
sleep(1) = 0
"dsada\n", 40, 0x7f8568531980) = 0x7ffc986e2da0
strlen("dsada\n") = 6
strcmp("3xtr4t3rR3stR14L5_VS_hum4n5", "dsada") = -49
printf("\033[31m") = 5
strlen("\nIntruder alert! \360\237\232\250\n") = 22

So after presenting a secret passphrase, the executable gives us the flag:

strlen("\nTell me the secret passphrase: "...) = 32
sleep(1) = 0
"3xtr4t3rR3stR14L5_VS_hum4n5\n", 40, 0x7f461a61c980) = 0x7ffd79ab8ec0
strlen("3xtr4t3rR3stR14L5_VS_hum4n5\n") = 28
strcmp("3xtr4t3rR3stR14L5_VS_hum4n5", "3xtr4t3rR3stR14L5_VS_hum4n5") = 0
) = 4
printf("\033[32m") = 5
printf("\nSorry for suspecting you, pleas"..., "3xtr4t3rR3stR14L5_VS_hum4n5"
Sorry for suspecting you, please transfer this important message to the chief: CHTB{3xtr4t3rR3stR14L5_VS_hum4n5}

## Solution
> `CHTB{3xtr4t3rR3stR14L5_VS_hum4n5}`

Original writeup (https://github.com/KamilPacanek/writeups/blob/master/ctf/HTB.CA2021/passphrase.md).