[ReverseMe]Alpha

I’ve got another challenge! It’s been a while since I posted my first challenge, Cipher. So, I had some free time on my hands and wrote a simple ReverseMe. Difficulty? I’d say it’s somewhere between easy and intermediate, maybe easy depending on your current knowledge. Enjoy!

Executable

The Binary

Save the dump into a foo.txt and run the following command to recover the binary:

cat foo.txt | base64 -d | gunzip > foo.elf && chmod +x foo.elf

Good luck!

2 Likes
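
A more cautious variant of the recovery one-liner above, as an added example that is not part of the original post: it checks each layer of the dump (base64, then gzip, then ELF) and leaves the result non-executable so it can be inspected statically before anything runs. The function name `recover_elf` and the file names are assumptions; it expects GNU coreutils and gzip on Linux.

```shell
# Added example, not from the original post. recover_elf is a hypothetical name.
# Usage: recover_elf <base64-dump> <output-file>
recover_elf() {
    src="$1"; dst="$2"
    tmp="$(mktemp)" || return 1

    # 1. Base64-decode only. A failure means the paste was truncated or mangled.
    if ! base64 -d "$src" > "$tmp" 2>/dev/null; then
        echo "error: $src is not valid base64" >&2
        rm -f "$tmp"; return 2
    fi

    # 2. The decoded stream must begin with the gzip magic bytes 1f 8b.
    magic="$(head -c 2 "$tmp" | od -An -tx1 | tr -d ' \n')"
    if [ "$magic" != "1f8b" ]; then
        echo "error: decoded data is not gzip (magic=$magic)" >&2
        rm -f "$tmp"; return 3
    fi

    # 3. Decompress to the destination; a corrupt stream is rejected.
    if ! gzip -dc "$tmp" > "$dst" 2>/dev/null; then
        echo "error: gzip stream is corrupt" >&2
        rm -f "$tmp" "$dst"; return 4
    fi
    rm -f "$tmp"

    # 4. The payload must begin with the ELF magic bytes 7f 45 4c 46.
    magic="$(head -c 4 "$dst" | od -An -tx1 | tr -d ' \n')"
    if [ "$magic" != "7f454c46" ]; then
        echo "error: payload is not an ELF file (magic=$magic)" >&2
        rm -f "$dst"; return 5
    fi

    # 5. Keep the file non-executable and print a hash for later reference.
    chmod 0600 "$dst"
    sha256sum "$dst"
}
```

Static tools such as `objdump -d` and `readelf -h` work on the recovered file without the execute bit set.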

Nice challenge @0xf00I. It was fun

What’s the magic string: ABCDEFGH
PASS

I bet dynamic analysis may be more challenging.

1 Like

Good job! @0x00pf Thanks for giving it a try.

Yes, but only if you overthink it. Just a peek at the assembler dump of the binary, and it’s pretty obvious. Of course, at the time, you should recognize the inserted junk code. So, I’m curious, how did you approach this one? And how would you rate the difficulty level?

1 Like

Just objdumped the binary then:

  • Found the main function
  • Skipped thread and ptrace thingy
  • Found the fgets and then the call to the check
  • Then reversed the check function. No surprises there

I believe difficulty was easy

1 Like

This is awesome for anyone wanting to learn about reversing. Clap

1 Like