CTF: Can-CWIC CTF
Challenge: Rev Me Easy
Classification: Rev
Downloading the source code and running objdump on it, we can see the following output:
Pretty simple to see what's going on here: Hex values are being moved into the edx register and then xor'd with eax, which we can see from the first instruction is 0x10. So let's collect all of these edx values, xor them with 0x10, and see if we get anything interesting to work with.
To do this, we can create a simple python script:
Running this we get the following:
And that's all she wrote, folks--our flag! Reversing this was indeed easy!