Asm2 PicoCTF Challenge
Can we reverse engineer this picoCTF challenge?
Asm2 PicoCTF Challenge
Challenge
Test.S :
asm2:
// 32-bit x86 routine reading two stack arguments; the values noted below are the ones this write-up uses.
<+0>: push ebp // prologue: save the caller's frame pointer
<+1>: mov ebp,esp // prologue: establish this function's frame
<+3>: sub esp,0x10 // reserve 0x10 bytes of stack for locals
<+6>: mov eax,DWORD PTR [ebp+0xc] // load the second argument (0x2e)
<+9>: mov DWORD PTR [ebp-0x4],eax // local [ebp-0x4] = 0x2e; this is the value returned at <+37>
<+12>: mov eax,DWORD PTR [ebp+0x8] // load the first argument (0xb)
<+15>: mov DWORD PTR [ebp-0x8],eax // local [ebp-0x8] = 0xb; this is the loop counter
<+18>: jmp 0x509 <asm2+28> // unconditional jump to the loop condition at <+28>
<+20>: add DWORD PTR [ebp-0x4],0x1 // loop body: [ebp-0x4] += 1
<+24>: sub DWORD PTR [ebp-0x8],0xffffff80 // 0xffffff80 is -128 as a signed 32-bit value, so subtracting it adds 128
<+28>: cmp DWORD PTR [ebp-0x8],0x63f3 // compare the counter with 0x63f3 (25587)
<+35>: jle 0x501 <asm2+20> // signed less-or-equal: back to the body at <+20> while counter <= 0x63f3
<+37>: mov eax,DWORD PTR [ebp-0x4] // return value = final [ebp-0x4]
<+40>: leave // epilogue: tear down the frame
<+41>: ret
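C program to retrieve the flag (it replays the loop from the disassembly with the same two starting values and prints the value the function would return in eax)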
#include <stdio.h>
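int main(void) {
    /*
     * Re-implementation of the asm2 loop for the argument values annotated
     * in the disassembly. `d` mirrors the local at [ebp-0x4] (the value
     * returned in eax) and `b` mirrors the local at [ebp-0x8] (the loop
     * counter). Both stay signed because the loop test in the listing is
     * `jle`, a signed comparison.
     */
    int d = 0x2e; /* 46 */
    int b = 0xb;  /* 11 */

    /* Same condition as cmp/jle: keep looping while b <= 0x63f3 (25587). */
    while (b <= 0x63f3) {
        d += 1;   /* add DWORD PTR [ebp-0x4],0x1 */
        b += 128; /* sub of 0xffffff80 (-128) is an addition of 128 */
    }

    /*
     * The loop runs 200 times (b = 11, 139, ..., 25483), so d ends at
     * 46 + 200 = 246 and the line printed is "d in hex: 0xf6".
     * %x expects an unsigned int, hence the explicit cast.
     */
    printf("d in hex: 0x%x\n", (unsigned int)d);
    return 0;
}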
This post is licensed under CC BY 4.0 by the author.