VishwaCTF_Mini_2024

<h1>VishwaCTF_Mini_2024</h1> There are three RE challenge. <a href="https://github.com/0xMikiko/CTF-Challenge-Storage/tree/main/VishwaCTF_Mini_2024"> You can download here.</a> Format flag: VishwaCTF{} <ul> <li><a href="#Baby ko BASE pasand hai">1. Baby ko BASE pasand hai</a></li> <li><a href="#Stack Hack">2. Stack Hack</a></li> <li><a href="#Stop me if you can">3. Stop me if you can</a></li> </ul> <div id="Baby ko BASE pasand hai"></div> <h3>1. Baby ko BASE pasand hai</h3> Is this some kind of any random text or any kind of song? Sounds weird <h3>Solution</h3> Open file in DIE to get overview. ![image](https://hackmd.io/_uploads/SyFWNe0ca.png) Open file in IDA ![image](https://hackmd.io/_uploads/B1qBFeCq6.png) I wrote a small IDAPython script to patch `usleep`. :::info ```python import ida_bytes start = 0x1212 end = 0x13D4 for i in range(start, end): tmp = ida_bytes.get_dword(i) if "fffffe" in hex(tmp) or "fffffd" in hex(tmp): print(hex(i)) ida_bytes.patch_qword(i-1, 0x058D489090909090) ``` ::: It make the program looks better. We can realize that these strings has been encoded. ![image](https://hackmd.io/_uploads/S1kGAlA5a.png) After decoded, we got 2 string: 1. VishwaCTF{ky4_b4by_k0_s4ch_m3in_BASE_p4s4nd_h41??} (base32) 2. th15_15_n0t_th3_fl4g_y0u_4r3_f1nd1ng (base64,base58,base85) :::success ``` Flag: VishwaCTF{ky4_b4by_k0_s4ch_m3in_BASE_p4s4nd_h41??} ``` ::: <div id="Stack Hack"></div> <h3>2. Stack Hack</h3> My DS prof gave me this question. Wanna give it a try? <h3>Solution</h3> Open file in DIE to get overview. ![image](https://hackmd.io/_uploads/BJVEQ-0qa.png) Open file in IDA, its easy to figure out that the program calculate a lot and these value wasn't change. So we dont need to understand what they do!!! ![image](https://hackmd.io/_uploads/rk3R7-C5T.png) The challenge try to print the strings depend on what number we enter. It's only print words at the index that meet the conditions: `index % parameter != 0`. It need to get data offset to print, if not it do nothing!! So if `password = 1`, it will print the whole string. ![image](https://hackmd.io/_uploads/ByNerZC5a.png) We can enter `password = 2` and `password = 3` so it will print fever letters. ![image](https://hackmd.io/_uploads/r1uBH-0cT.png) :::success ``` Flag: VishwaCTF{reversal_success} ``` ::: <div id="Stop me if you can"></div> <h3>3. Stop me if you can</h3> Malwares are unstoppable. I have one such malware for you and it is pretty uncontrollable. Run it and you'll find it yourself <h3>Solution</h3> Open file in DIE to get overview. ![image](https://hackmd.io/_uploads/Bktorb0ca.png) Run the file, you can notice that the flag is pop up, then its disappear and asking our input. We need to set breakpoint before the flag fflushed. I set breakpoint at `0x1935` and this is what a got ![image](https://hackmd.io/_uploads/SyGoF-Aqp.png) You can also write a IDAPython script to get the flag :::info ```python import ida_bytes flag = "" for i in range(0x4008,0x410C): data = ida_bytes.get_byte(i) if data != 0: flag += chr(data) print(flag) # VishwaCTF{m4lw4re_h4s_b33n_r3m0v3d_&_4tt4ck_h4s_b33n_n3utr4l1sed} ``` ::: :::success ``` Flag: VishwaCTF{m4lw4re_h4s_b33n_r3m0v3d_&_4tt4ck_h4s_b33n_n3utr4l1sed} ``` :::