Persecure : my learning archive

Basic Malware RE

Tools : Ghidra

Strings :: Challenge 1

For the first challenge the flag can be easily obtained from examining the entry function.
Use the strings and grep command to get the flag easily.

Strings :: Challenge 2

The clues in the second challenge are stored in each variable , use a hex converter to find the flag.

Strings 3 :: Challenge 3

Hex 0x110 = Decimal 272

In Ghidra –> Windows –> Define Strings and look for the Rsrc String ID 272 for the flag.

Create a website or blog at WordPress.com