After a while I decided to check challenge from ETF 2014 called
the-beginner. Below you will find the details. Here we go...
We will start here:
As you can see (as a hint) "The expert in anything was once a beginner". :)
I was wondering what type of file we are watching here:
And I was a little bit surprised when I saw an ASCII - not binary ;> Next move was to print few lines from that 'ascii file':
Ok, so we are watching
objdump logfile. Cool. Let's try to find some interesting functions then:
The one I decided to check was called
print_flag:
As you can see there are a lot of
movl instructions. "
Mov can be used as #define (from C)" so I decided to check the hex values, starting from
80484d4:
I copied all of the movl-lines to notepad to clean them and leave only hex value(s) to check it later using python. See below:
Ok I'm pretty sure that I can see the flag, but is it printed in a good way? ;)
Now should be better:
I must say that it was pretty cool challenge. :]
See you next time!
Brak komentarzy:
Prześlij komentarz