Reverse Engineering Series — 2
Hey Squad,
This is going to be a series on Reverse Engineering. Let's learn RE together. Any suggestions are appreciated.
Link to part 1: https://gowthamaraj-rajendran.medium.com/reverse-engineering-series-1-1a40eba00bc
File: https://github.com/d0minikkkk/reversinghero-contents/tree/master/2
Tools:
- file
- ltrace
- strings
- ghex
- ida64
- Ghidra
Binary Analysis
We find that the file is a 64-bit ELF.
We find that the functions printf, fdopen, fclose, memset, memcmp, strlen, fgets and strcspn are used.
IDA PRO Analysis
Let’s analyse using IDA PRO.
cmp_shuffled_input compares the shuffled input with the stored number. Once the comparison passes, execution goes to loc_4005A5, where we get the flag.
The cmp_shuffled_input block contains the shuffler function, which shuffles the input given by the user.
The shuffler block calls manipulator to get a random index used to exchange elements between buffer and s2.
The above code can be rewritten in Python as given below:
Hence, the input will be “31415926535897932384626433832795”
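The sketch below is an added example, not the author's Python rewrite and not the routine from the binary. It shows why a check of this shape can be undone: the swap indices depend only on the length and the generator state, never on the data. The LCG in manipulator, the seed, the in-place swap and the sample strings are all assumptions made for illustration.

```python
# Added illustration. The index generator is a hypothetical stand-in,
# not the manipulator routine recovered from the challenge binary.

def manipulator(state):
    """Hypothetical pseudo-random step (a small LCG)."""
    return (state * 1103515245 + 12345) & 0x7FFFFFFF

def shuffler(data, seed=1):
    """Swap each position with an index derived from manipulator().
    The swap sequence depends only on len(data) and seed, not on the contents."""
    buf = list(data)
    state = seed
    for i in range(len(buf)):
        state = manipulator(state)
        j = state % len(buf)
        buf[i], buf[j] = buf[j], buf[i]
    return buf

def recover_permutation(length, seed=1):
    """Shuffle the probe [0, 1, ..., n-1]. The result perm satisfies:
    output position k holds the element that started at input position perm[k]."""
    return shuffler(range(length), seed)

def unshuffle(stored, seed=1):
    """Map every character of the stored value back to its input position."""
    perm = recover_permutation(len(stored), seed)
    original = [None] * len(stored)
    for out_pos, in_pos in enumerate(perm):
        original[in_pos] = stored[out_pos]
    return "".join(original)

def cmp_shuffled_input(user_input, stored, seed=1):
    """Same shape as the check described above: shuffle, then compare."""
    return "".join(shuffler(user_input, seed)) == stored

# Constructed sample values (not taken from the binary). Repeated characters
# are deliberate: the probe-based inversion still works with them.
SAMPLE = "0123456789abcdef0123456789abcdef"
STORED = "".join(shuffler(SAMPLE))

if __name__ == "__main__":
    recovered = unshuffle(STORED)
    print(recovered, cmp_shuffled_input(recovered, STORED))
```

From a defender's point of view, a reversible, data-independent shuffle only obscures the stored value; anyone who can run or re-implement the routine can recover the expected input.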
Ghidra Analysis
Shuffle algorithm:
It is much easier when we use Ghidra.
Cracking the challenge