Persecure : my learning archive

, ,

HTB Challenge : Impossible Password

https://app.hackthebox.com/challenges/impossible-password

Download the file and test out the program.

Use strings for clues.

Try with the found password.

Use ltrace to observe the file.

The program compares with a random string and exits. We see that the program holds the time , srand and malloc functions. The string comparison randomly changes by time.

Disassemble

Let’s use a dissembler to explore the program.

Show the main function.

The first strcmp is for the first key and it goes to a function.

Explore that function.

This is the random function that is generating the 2nd key comparison.

Go back to the main function and patch the program.

During the test feature instead of the checking function we jump to 0x0040096a and then to fcn.00400978 that gives us the flag.

We can see the modifications if we print the main function again.

Test the program and the flag is found.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Comments (

0

)

%d bloggers like this: