Challenge 1: Program Analysis

Find the password of /home/rookie/Challenge1/password in testbed.


Hint 1: Compared to /home/rookie/GDB/checkPasswordEasy, this version of the program does not “deobfuscate” a stored password (which can be easily cracked by setting a breakpoint after deobfuscation has happened) but instead “obfuscates” the one typed by the user, similarly to what is done with hash functions. Unfortunately the obfuscation is not strong enough and can be reversed!

Hint 2: Use both static and dynamic analysis.

Useful links

  • See here how to run gdb in docker
  • video 1 (in Italian): how to decompile “by hand”
  • video 2 (in Italian): how to script gdb using python and subprocess

NOTE: the videos refer to an older version of the challenge


You can send direct messages to multiple users on slack. Send @Simone Jovon and @focardi (me) a direct message with a short description of how you solved the challenge by October 17th to get a 0.5 bonus on the final grade!