[Reverse Challenge] revme

jl3 · October 18, 2019, 9:27am

revme

The goal of the challenge is to retrieve the correct password. It’s written in C and stripped.
Hints might come up if needed.

Good luck!

Difficulty

0 Easy - 5 Hard

0
1
2
3
4
5

0 voters

Challenge

Retrieving the binary
cat revme.b64 | base64 -d | gunzip > revme

sha256sum
a45228ba135c25d1a9826e37fd63e095ddc31ff1f9744afbada2069d61118cd3 revme

revme.b64

H4sICLWBqV0AA2Eub3V0AO1bfWwUxxWfPfts8+E709jgQhofCFJT4fNhg2OIDT7jw+vUkCu1U6qEXNb3YV8531l3e8GmQJEujXp13VhVKxGpivijqvJHpaKqQlZVUcCIjwpVpkoit0kVNzLqObhwgEnd8LF9szvvvDvxifzRKn90nzT3m/c1897s7HjXO/M9T+duiyAQpAKyg1DueJnGtzD5/s05E5A1kmXwu4asJkXAF+rseOyzGLEk14/m9zaT8/gkMaKgw0KSn04WGZGULfhZdTyPQasR9X5qfw4m5zAjGFHvR0PI1DB9sxFxPAYtRj8L85tnfvPNRpwSjIjjWcjKBdYej23EiDiG3utygNabWD48dhEjot83wA+H+PMQDvc+1l++cam0GBGHtTYS7mnYUhsJ1ETC0eRgzWBjQ03DFmci5qxTYyon2pxq39tN3q4/nAnUdXt3/N1V+Bt3+7vfbrzfVchiEJgNYfY4/BSXkYXrRi/wcaaj8t5uCVNYlNZC+dIi8gRZmDJ6WpbHviyP/Ot55LV55G/k6XdrHvu38tg3QVm3iHwjlBWkknhbNB7nIYHr5KeXpYEMJOUE8fkSsuQ/6PP3HfSFpHCESv19Upwk5EA4SkK9QTDqlyKRmB9s/YOSLxSOSpHw4SCwtC3qH5d9/RJYt3d2tO7y1Tm35Gp1zq3E19G1xxcIxoO94YQcjHft2RWJRYNdUk+EttHbH4uyNnya6aKG2gywwJywsBpRa4JaFuZveThcSmfOASZLrg4voZa9TI/zGMdjYIWGWU7uYHKRGz/kJ3dqWEQW5iilKZ3cqpNndPJinTyrky/Ryed18qU6OV5P2vYynbySyWnbgk7u0MkLdPJqnVy/Xrt0cv360aiTlxCTTDLJJJNMMskkk/5XdNf+1KdiarZEHLb+Bd4lxO+flS3KhJi6UDKu6pWtH4FY2TANv/aqFqhRvo+qZqYUoA1/pTx9JJyZUPk/17K325mzKv9HytNHw5lTKn+e8vSRcOYksLT/zf/sSF97WUx/JKams96uzhHradCLI6U7VWim3kpFHfjNjQL7Jo1zxPoTCtvm5QoI3cZCX6JM2auO0+DGGYJ9WLXf2kNh4yMxnRXP3dwpnpsvEIWL4rVHcjk0cN2pNVCiTIXsVW0L/jS+48019DUrWd8tpprPO2mr6etyqTjcXETHpuIUiDJ+SOaitRAEwoHxkNNe9Zo6fuOhhTodP9reTC/YdkMbMPAOyOSIjbboyUBV1qpZqMa16vwlzzR9GL/x1LBnWvRPiMOeeVGYsJ8m9jNn05cyBx8pSqp/WkgdnSZDH4BxsdE4qzfewRsLRuOM3niFwXh09Mq4Lub3S3OBTpZioLMY6OwigZ5/SJubheZm1b5ni4zGhkB/ZjDW9e0S00cnA+Jw4YZqonW7+SzkQV9hLnkydJRvPJ1LZ1JrMpV9Jn2eJnfiB13WmynIOuXJ0LSeOPaO/bTnX00rk88DzjWVJtsB7zXtS+4E/KTJk3wGMNtUnKwFvAP4VcC7gFWAN8FuFeCtpr6kHfB20/PJ4jF1RK1j6twb3jMfEOuXq6HK1szUA0XJJeKFRMa4RMSxvZv99ZEhX0D8nSta7+tJyj7QTIjp7klxLOqSfQmXLwiSqRAkexgyvqpmvHHYc1U8YT/dZZ2gNf9lyH1MFC5D7o3n5WI1mBv2lOcqJH11ybFrapDicJJGtwWja9VHV3bJM0e9Mt1wIf6witaonoYpDles2kTdPfNnVqmhX8qsBN2NwpRnThj2zBmufdNSefVnZIpclDo6t/LYn6jmhDjiFZjyIiGgKE+uU3louIjOwXkhuQIFZzSBbIMbOwQvqJnv3oeurRkJ4lTzvDKuv+HU+839rc6R5vuQpvuFjvR77u6O9D13lzv9oFscqZkF8Tc7Nz6ka2Dm1qeQ4rmHBXLV5vfZ/d+ZvtOZvtmW/odbKf9QTI0L4ra/JT+m6+OLB9wvuQ+4X3b79Pc47W9cv67mVlKTTDLJJJNMMskkk0z64ol+33JsJ4F47FAiIXmJIx6Uox6ydO3atT2x54hDloLxdrI3NhDc5DgUj0V7HQNSIuF00rdgYU3Bs16ifVeavqUo9Am4LasoEcDm24ryK8DbgPQlpf+OoswCNtxVlOXw+vEO4CbAX8wpSidg+T1F+amgfcdV4zq8jwiDZcKa5cUlo0xO9wJMQD/0ZZy0Fauf5NZD2QJlP8hfoQJb2W5b5XP2ZYdKjpOdq5/9Wv169fMl9X0JShri+y0VuG1lr1t2lRZZfg09aPojUL4C8R4x6A/l9D+HMgT6Kwb9hZz+91DWQZ5vGfRv5vQfQDkJ+nGD/oyqp9/lH0DxwrjQr5Fkt63sDUuHrfLHBR6bY6TQY6v+kbXN5nq9SLQ1porbbS1RW6Pb5nLbqlttjlZbZautrNVWon6TbIPxGoR29N8HTTLJJJNMMskkk0wyyaT/H8J9iLjvUL+fmtJyNGQbHUsZu79Cwy8zHvc3rmE87tVbzRD3OT7J6e89UmIqzzYJ4ruJl20OxL2ALqbHPYljDHEvYiXDCmKk3N7DFg1wz+QgQ3yvxL2RqxhWFxnlXqsx7kmGuHcS+7+vaPmg6SPGO5i/wngc3yzjS5j+34zX75n8Igj3lfPUwObBboYvMAwxfJXbDY37Vtt37druqG7f273Rsc1Z53QR4kz0JeS4LPUQZzgqB+MDxBmNyUFnbzTp7EmGI4GacICJ3K0dNbLUS1Rdn5ToI87AUDQx1K+hHNc0rwbjiXAsamB8oIsHIxI1ZLWBiEy7DMOvHByE3xAwoIsFJFkizmCfLxSX+oO+vkB8gdM8fFI8Lg1pHliHhqX+sB96jcnqj9aB1lhPIkGc/lh/fzAq/1euC+5Fx3mc73wEksDxTxBtTqM/fx5gPWfPn6l4mvPPWIzoeIw//Z/MJzDH0R/ve0TsH9cBfs/vDqKNAfrjuoDoYAnT21fQ+eP9uZsY9/fjOoOI6woSP357iXYP5+K3GhH7wfgtHL5ItDUBeVwXEF1k8fiRvkO0Mc3FbzUirkv8+GFcMvNvZTyuc4i4LlL/lYv4HyP6sxDkM+dlcP1H4q//EOfvKDPiK5w9fyznNc4fzyMhvst1yB/O+CHnj3/HEEs5ez7+UWK8//hzP9sf43+C8893riaf/y85/1GHEfdzE5afP6eg2MjC35fcOZuaxe1LOKT/y7Tr/PHvevZz+l8m2tijf+4cE/Of0t2/ej+8jteIlj/643mIyVoNqx/T/3ucf+5AmsvI5vP/kPNvYQ4tLmOcvD/SdSZDfzxX4c3jz/Mfs/5dnBz9V3By/nnOkLuOJOZ/N48/0n8Aa2pJ3xg4AAA=

exploit · October 18, 2019, 1:05pm

Thank you, it was fun

<?php
function cxor($e){
    global $k;
    
    $t = '';
    foreach($e as $c){
        $r  = $c ^ $k;
        $t .= chr($r);
    }
    
    return $t;
}



$w  = 'N1c3ly_d0n3_but_n0t_s0_ez';
$s  = [82, 104, 7, 79, 7, 7, 13, 82, 69, 22];
$k  = 0x37;
$p  = substr($w, 0, 10);
$p .= cxor($s);
print($p);
?>

Enter Password: N1c3ly_d0ne_0x00:er!
Great Job!!!

jl3 · October 18, 2019, 1:24pm

Congrats on being first!

ricksanchez · October 18, 2019, 8:45pm

$ python -c “s=‘N1c3ly_d0n3_but_n0t_s0_ez’; print(s[0:10]+’’.join([chr(e^0x37) for e in [0x52, 0x68, 0x7, 0x4f, 0x7, 0x7, 0xd, 0x52, 0x45, 0x16]]))” | ./revme
Enter Password: Great Job!!!
$

jl3 · October 19, 2019, 12:10pm

Nice one, oneliners are always so clean

x0r19x91 · October 21, 2019, 1:01pm

Simple xor and string compare. Solved using r2 in phone

N1c3ly_d0ne_0x00:er!

system · February 17, 2020, 1:28am

This topic was automatically closed after 121 days. New replies are no longer allowed.