
CrackMe Crackme linux 0/10 (challenge)

kingessopper

Crackme for Linux
Language - C++
Difficulty - 0/10
How to run?
./release

Attachments

  • release.zip
    2.6 KB · Views: 8
You can start by looking at the static attributes of the executable. Well, I suppose you also want to learn how to analyze the binary; by using the file command you can see the type and some info.


Bash:
$ file release
release: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=47ac4b42f0b485c5a57d3da6fc0b50f3370bfded, for GNU/Linux 3.2.0, not stripped

From this you know that the file is an executable compiled so that it can be loaded at any address (pie = position independent executable). You can also extract a great amount of information using readelf and other tools. This binary is not stripped, so we can take a look at the symbols using nm.


Code:
$ nm --demangle release
000000000000038c r __abi_tag
0000000000004010 B __bss_start
0000000000004010 b completed.0
                 w __cxa_finalize@GLIBC_2.2.5
0000000000004000 D __data_start
0000000000004000 W data_start
0000000000001110 t deregister_tm_clones
0000000000001180 t __do_global_dtors_aux
0000000000003da0 d __do_global_dtors_aux_fini_array_entry
0000000000004008 D __dso_handle
0000000000003da8 d _DYNAMIC
0000000000004010 D _edata
0000000000004018 B _end
00000000000012b4 T _fini
00000000000011c0 t frame_dummy
0000000000003d98 d __frame_dummy_init_array_entry
0000000000002170 r __FRAME_END__
0000000000003f98 d _GLOBAL_OFFSET_TABLE_
                 w __gmon_start__
0000000000002094 r __GNU_EH_FRAME_HDR
0000000000001000 T _init
0000000000002000 R _IO_stdin_used
                 U __isoc99_scanf@GLIBC_2.7
                 w _ITM_deregisterTMCloneTable
                 w _ITM_registerTMCloneTable
                 U __libc_start_main@GLIBC_2.34
00000000000011c9 T main
                 U printf@GLIBC_2.2.5
                 U puts@GLIBC_2.2.5
0000000000001140 t register_tm_clones
                 U __stack_chk_fail@GLIBC_2.4
00000000000010e0 T _start
                 U strcmp@GLIBC_2.2.5
0000000000004010 D __TMC_END__

The symbols here give us a great intuition of what should be happening in that challenge: the function scanf() is used to read input from the user (like you and me), strcmp() is used to compare two strings and is probably comparing your input with the key value for this challenge, and functions like puts() and printf() are used to output something, probably to say whether you finished it properly. I did not run the executable at any time here, but the first thing I would try when working on this one is to run it in a debugger (e.g. GDB), put a breakpoint on the strcmp() function, inspect both strings passed to strcmp and confirm that one is your input or related to it, and then look at the other (possibly the key).
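The import triage described in the reply above, as an added example that is not part of the original post: it parses an excerpt of the quoted nm listing and groups the undefined (U) symbols by likely role. The ROLES mapping and the function names parse_nm and triage_imports are this example's own assumptions.

```python
# Excerpt of the `nm --demangle release` listing quoted in the reply above.
NM_OUTPUT = """\
                 w __cxa_finalize@GLIBC_2.2.5
                 U __isoc99_scanf@GLIBC_2.7
                 U __libc_start_main@GLIBC_2.34
00000000000011c9 T main
                 U printf@GLIBC_2.2.5
                 U puts@GLIBC_2.2.5
                 U __stack_chk_fail@GLIBC_2.4
                 U strcmp@GLIBC_2.2.5
"""

# Role labels are this example's own grouping (an assumption), not nm output.
ROLES = {
    "__isoc99_scanf": "input", "strcmp": "comparison",
    "printf": "output", "puts": "output",
    "__stack_chk_fail": "stack protector",
}

def parse_nm(text):
    """Return (offset or None, type letter, name, version or None) tuples."""
    symbols = []
    for line in text.splitlines():
        if not line.strip():
            continue
        if line[0].isspace():
            # Undefined and weak-undefined symbols have no address column.
            offset = None
            kind, name = line.split(None, 1)
        else:
            # split(None, 2) keeps demangled names that contain spaces intact.
            addr, kind, name = line.split(None, 2)
            # PIE binary: an offset from the load base, not a run-time address.
            offset = int(addr, 16)
        name, _, version = name.partition("@")
        symbols.append((offset, kind, name, version or None))
    return symbols

def triage_imports(symbols):
    """Group undefined ('U') symbols, i.e. imports, by assumed role."""
    groups = {}
    for _offset, kind, name, _version in symbols:
        if kind == "U":
            groups.setdefault(ROLES.get(name, "other"), []).append(name)
    return groups

if __name__ == "__main__":
    print(triage_imports(parse_nm(NM_OUTPUT)))
```

Because the offsets nm prints for a PIE binary are relative to the load base, a debugger breakpoint is set by symbol name (strcmp, main) rather than by the raw nm value.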
 

