Welcome to my Blog!
My name is Biplav. I am a Cyber Security Engineering student, and love learning about Blockchains, Reverse Engineering, and Coding. I also keep participating in several Capture The Flag (CTF) events. So, In this blog, I thought of sharing my writeups about those ctf challenges as well as other topics that I find interesting. Hopefully it will be useful to someone who loves exploring those topics.
This writeup is going to be about one of the reversing challenges from THCon CTF 2021.
Here, Name of the binary is chall.bin.
First, Trying to run the binary without any input prints that we need to provide an argument and exits the program.So, let’s try by passing an argument and here it prints Nope sorry, try again and exits the program.
So, I loaded the binary in write mode using radare2 with command:
This was a steganography challenge from THCon CTF where we were given a qr .gif image. When I tried to view it, multiple QR’s were being loaded in a few milliseconds gap. I solved this challenge using imagemagick and zbarimg. First, I used imagemagick to get all single QR’s from the given .gif, and then ran zbarimg to get characters from each file, and when I put all characters together I got the flag.
This is one of the easy challenges from Hackthebox. I will explain how we can solve this challenge using radare2. Here, Name of the binary is auth. First, let’s load the binary in debug mode with radare2:
$ r2 -d ./auth We can list all available strings using iz command. Also let’s see the information of binary using iI command. We can see that binary is stripped, but other protection mechanisms like canary is turned off.