NOVA CTF {2024} — RE Ninja

REVERSE ENGINEERING CHALLENGE

KISHORERAM
3 min readMar 21, 2024

Challenge Description:

Navigate through a complex digital terrain, employing reverse engineering techniques to unveil a hidden secret buried within its labyrinthine depths.

Photo by Bradley Pelish on Unsplash

Analysing the File :

ELF stands for Executable and Linkable Format. It is a common file format for executable files, object code, shared libraries, and core dumps. ELF files are used on Linux and other Unix-based systems. The ELF format is versatile and can be executed on various processor types. It supports big-endian, little-endian, 32-bit, and 64-bit architectures systems and different CPUs. The ELF format has several capabilities, including dynamic linking, dynamic loading, imposing run-time control on a program, and an improved method for creating shared libraries.The ELF format is the standard binary format on operating systems such as Linux.

Strings:

Looking into Main Function adnanalysing in Ghidra

The main function takes two parameters: param_1 , which represents the number of command-line arguments, and param_2 , which is an array of command-line argument values.It checks if the program is invoked with exactly two arguments ( param_1 == 2 ).

  • If so, it calls the function compare_pwd with the second argument ( param_2[1] ). Presumably, compare_pwd is a function responsible for comparing the provided password with some predetermined value.
  • If not, it prints a message indicating the correct usage of the program, which includes the program name followed by “password”, and some additional text (“Best wishes”)

It calls a function named my_secure_test with the provided password ( param_1 ) as its argument.It stores the return value of my_secure_test in the variable iVar1 .
It checks if the value stored in iVar1 is equal to 0 .

  • If it is, it prints “Flag Found!”, indicating that the password is correct
  • If it’s not, it prints a message indicating that the password is wrong, including the incorrect password itself.

It checks each character of the provided password against specific expected characters. If any character doesn’t match the expected character or if the password is not exactly 8 characters long, it returns -1 (represented as 0xffffffff in hexadecimal) to indicate failure.If all characters match the expected characters and the password is exactly 8 characters long, it returns 0 to indicate success.

Flag Format NOVA{ }
Finally we found the flag as
NOVA{cR4Ckd17}

Thanks For Reading :)

I hope you learnt something and enjoyed the challenge.Don’t miss out on my upcoming articles! Follow me on Medium for more insightful content. Clap and share this article.

Connect me via LinkedIn, https://www.linkedin.com/in/kishoreram-k/

Best of luck in capturing flags ahead!!!

--

--

KISHORERAM

Cybersecurity & Networking enthusiast | Avid learner| Looking for opportunities