CTFtime.org

You are not allowed

by p1xel / Byt3Scr4pp3rs

Tags: reverse 

Rating:

# You are not allowed

#### Category : Reverse engineering
#### Points : 100 (242 solves)

## Challenge
Can you reverse this program and get us the flag?

Flag format: flag{string}

Attachment : program

## Solution
Using file command on this binary, we see that it is a stripped binary.

Opening this binary in ghidra and going to the `entry` function, the first parameter of `__libc_start_main` is the main function.

![](https://github.com/p1xxxel/ctf-writeups/blob/main/2021/RCTS%20CERT%202021/You%20are%20not%20allowed/finding_main.png)

Double clicking it, we get the main function.

![](https://github.com/p1xxxel/ctf-writeups/blob/main/2021/RCTS%20CERT%202021/You%20are%20not%20allowed/main_func.png)

So it is taking input from the user and then comparing it with a secret key generated by `FUN_00401242`.

Taking a look at this function,

![](https://github.com/p1xxxel/ctf-writeups/blob/main/2021/RCTS%20CERT%202021/You%20are%20not%20allowed/key_gen.png)

So we just need to convert the integer into char and we will get the secret key which we can then enter to get the flag.

The key obtained from this is `Sup3rS3cr3tK3y#`

Entering this, we get the flag

![](https://github.com/p1xxxel/ctf-writeups/blob/main/2021/RCTS%20CERT%202021/You%20are%20not%20allowed/getting_flag.png)

So the flag is `flag{1ntr0_t0_r3v3rs3_3ng1n33r1ng}`

Original writeup (https://github.com/p1xxxel/ctf-writeups/tree/main/2021/RCTS%20CERT%202021/You%20are%20not%20allowed).

Comments