Upload: 5:40 PM 05/07/2021

            Description
            EZwan #1 Easy Beginner crackme, no patching, find the correct password
            
         
        
        
            
            
            
            zx81 on 8:44 PM 05/08/2021: Nice little challenge. 1st Linux one I've looked at, admittedly under Windows with static analysis. I won't reveal the password, but it's a simple 8 character xor'd password. I don't fully understand the stack protection code but it was interesting.
            
            SeppNel on 8:44 AM 05/11/2021: Hi, this was the first binary that I tried to reverse engineer with Ghidra and it is great for a beginner like me. I managed to get the password, but there are some things that I don't understand and I was looking for someone who can explain some things to me.
First, the password variable seems to be backwards and the last byte is the same as the xor key. Second, when checking the password, shouldn't it overflow?
Sorry if these are noob questions or if this is not the place to ask. Here is a screenshot of my decompiled code.
https://imgpile.com/images/7eVscb.png
            
            DirkD on 8:43 PM 05/11/2021: @Seppnel Ghidra makes this a lot easier with its decompiler. But remember the code generated is only a representation, not the exact code. The string is not reversed, but the way Ghidra shows it is not as a string but a value. The 0x55 at the beginning is not used when you run the code. It's just used as a placeholder.
            
            lemma on 12:48 AM 05/12/2021: Good beginner friendly challenge. I solved it by reading the very readable asm code and xoring one 64 bit value, both in radare2. First the key did not work, but I tried a very obvious/similar key, and that did the trick.
            
            AwayyGG on 11:45 PM 05/15/2021: Password: NiceDude
You're given a buffer in hex and are asked to xor each char by 0x55 (85 in decimal), that's how you get your key
            
            devalfo on 12:44 AM 05/17/2021: please don't spoil the challenge in the comments 
            
            DirkD on 8:50 PM 05/17/2021: @Admin could you remove the spoiler post in comments?
            
            Anhkhoa on 8:09 AM 05/20/2021: Why xor 0x30 and 0x55?
            
            bob123 on 8:23 PM 06/14/2021: Nice challenge to get back into reversing :)
            
            littleb on 10:26 AM 06/21/2021: I solved it in static analysis with Radare2. I found this challenge simple but very interesting. It changes a bit from the classic easy crackme. Thanks!
            
            muha2xmad on 7:13 PM 09/07/2021: not easy but nice
            
         
        
            
            
            
                
                
                    Solution by lxeiqr:
The "key" was extracted from a constant variable in the program, while the magic 0x30 number was extracted from a variable that the main loop buffer overflows into. These have to be processed (each char has to be XORed with 0x55) and then you get the final key.
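
The decoding discussed in the comments and the writeup above, as an added example that is not part of the original page, the writeup, or the crackme's code: a 64-bit immediate as a decompiler prints it is unpacked in little-endian memory order (which is why the string looks reversed on screen) and each byte is XORed with 0x55. The constant `SAMPLE_IMMEDIATE` and all function names are constructed for illustration; the value encodes a made-up string, not the challenge's password.

```python
import struct

XOR_KEY = 0x55  # per-character XOR key named in the comments

# Constructed sample, NOT the crackme's constant: "Sample7" XORed with 0x55,
# followed by one byte equal to the key, packed as a 64-bit immediate.
SAMPLE_IMMEDIATE = 0x5562303925383406


def xor_bytes(data: bytes, key: int = XOR_KEY) -> bytes:
    """XOR every byte of data with the single-byte key."""
    return bytes(b ^ key for b in data)


def immediate_to_memory(value: int) -> bytes:
    """Bytes of a 64-bit immediate in the order x86-64 stores them.

    A decompiler prints the value most-significant byte first; memory holds
    it least-significant byte first, so a packed string looks reversed.
    """
    return struct.pack("<Q", value)


def decode_immediate(value: int, key: int = XOR_KEY) -> str:
    """Decode in memory order and cut at the first decoded NUL byte."""
    plain = xor_bytes(immediate_to_memory(value), key)
    return plain.split(b"\x00", 1)[0].decode("ascii")


def decode_as_displayed(value: int, key: int = XOR_KEY) -> bytes:
    """Decode left to right as printed: gives the reversed result."""
    return xor_bytes(value.to_bytes(8, "big"), key)


if __name__ == "__main__":
    print(immediate_to_memory(SAMPLE_IMMEDIATE).hex(" "))  # memory order
    print(decode_as_displayed(SAMPLE_IMMEDIATE))           # reads backwards
    print(decode_immediate(SAMPLE_IMMEDIATE))              # correct order
```

A byte equal to the key decodes to 0x00, so in the printed immediate it shows up as a leading 0x55 and in memory it sits after the last encoded character.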