Find the password of
/home/rookie/Challenge1/password in testbed.
Hint 1: Compared to
/home/rookie/GDB/checkPasswordEasy, this version of the program does not “deobfuscate” a stored password (which can be easily cracked by setting a breakpoint after deobfuscation has happened) but instead “obfuscates” the one typed by the user, similarly to what is done with hash functions. Unfortunately the obfuscation is not strong enough and can be reversed!
Hint 2: Use both static and dynamic analysis.
- See here how to run gdb in docker
- video 1 (in Italian): how to decompile “by hand”
- video 2 (in Italian): how to script gdb using
NOTE: the videos refer to an older version of the challenge
You can send direct messages to multiple users on slack. Send
@Simone Jovon and
@focardi (me) a direct message with a short description of how you solved the challenge by October 17th to get a 0.5 bonus on the final grade!