[CSAW 2016] Key Writeup

Standard

Description:

So I like to make my life difficult, and instead of a password manager, I make challenges that keep my secrets hidden. I forgot how to solve this one and it is the key to my house… Can you help me out? It’s getting a little cold out here.

NOTE: Flag is not in normal flag format.

Running the file we end up with a message: “?W?h?a?t h?a?p?p?e?n?”
Let’s open the exe in IDA and view it’s strings looking for interesting strings.

We have 4 interesting strings:

  • A path: C:\\Users\\CSAW2016\\haha\\flag_dir\\flag.txt
  • The known message: ?W?h?a?t h?a?p?p?e?n?
  • Good key: Congrats You got it!
  • Bad key: =W=r=o=n=g=K=e=y=

Visiting the function that uses the path string (X-ref) we understand the program is trying to read the key from it, if it doesn’t exists we would get: ?W?h?a?t h?a?p?p?e?n?

I Created the txt file with “aaa” inside and ran again, this time I set a breakpoint before the decision whether to jump to the success or failure message.

asm_key_csaw

Now let’s see what we have in what seem like the comparison function.

Stepping the lines we can see that my “aaa” is compared with a string.

csaw_key_eax

This string is the key “idg_cni~bjbfi|gsxb” and also the flag to the challenge.

 

Share

Leave a Reply

Your email address will not be published. Required fields are marked *