Skip to content

Latest commit

 

History

History
30 lines (16 loc) · 1.09 KB

Can-CWIC_RevMeEasy.md

File metadata and controls

30 lines (16 loc) · 1.09 KB

CTF: Can-CWIC CTF

Challenge: Rev Me Easy

Classification: Rev

Downloading the source code and running objdump on it, we can see the following output:

Pretty simple to see what's going on here: Hex values are being moved into the edx register and then xor'd with eax, which we can see from the first instruction is 0x10. So let's collect all of these edx values, xor them with 0x10, and see if we get anything interesting to work with.

To do this, we can create a simple python script:

Running this we get the following:

And that's all she wrote, folks--our flag! Reversing this was indeed easy!