We managed to get this package of the robots servers. We managed to determine that it is some kind of compiled bytecode. But something is wrong with it. Our usual analysis failed – so we have to hand this over to you pros. We only know this: The program takes one parameter and it responds with “Yup” if you have found the secret code, with “Nope” else. We expect it should be obvious how to execute it.
The challenge provides a compressed archive hello.tar.gz which contains a bunch of shared objects, an archive called library.zip (actually an ELF executable with an embedded ZIP) and a Python interpreter py. The executable to be cracked is hello, which will reply “Yup” if the correct flag is provided, “Nope” otherwise.
Continue reading “Hack.lu 2013 CTF Write-Up: What’s wrong with this?”