The goal is to obtain the decrypted key. Load the binary in a debugger:
The debugger shows that the program exits prematurely, before it prints the decrypted key. That's easy: put a breakpoint at the call to exit() at 0x401106, patch it with NOPs, and voilà!
Key: welcome_to_csaw!
Another way is to load the binary in a disassembler:
Key bytes are being loaded into the buffer.
The decryption routine:
XOR the key bytes with 0xff, and we get welcome_to_csaw!
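The static route generalizes to a small strings-style scanner that XORs a whole blob with 0xff and reports the printable runs; this is an added example, not code from the original post. The names `xor_decode` and `find_xor_strings` and the sample bytes are constructed here, and it assumes the encoded bytes sit contiguously in the file.

```python
# Printable ASCII (space through tilde), as strings(1) would accept.
PRINTABLE = frozenset(range(0x20, 0x7F))


def xor_decode(data: bytes, key: int = 0xFF) -> bytes:
    """XOR every byte with a single-byte key (0xff in this write-up)."""
    if not 0 <= key <= 0xFF:
        raise ValueError("key must fit in one byte")
    return bytes(b ^ key for b in data)


def find_xor_strings(blob: bytes, key: int = 0xFF, min_len: int = 8):
    """Like strings(1), but over the XOR-decoded view of blob.

    Returns a list of (offset, text) for each run of at least
    min_len printable bytes in the decoded data.
    """
    decoded = xor_decode(blob, key)
    hits, start = [], None
    # A trailing non-printable sentinel flushes a run that reaches the end.
    for i, b in enumerate(decoded + b"\x00"):
        if b in PRINTABLE:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_len:
                hits.append((start, decoded[start:i].decode("ascii")))
            start = None
    return hits


# Constructed sample, NOT bytes copied from the challenge binary: the key the
# write-up reports, XORed with 0xff, placed between arbitrary filler bytes.
SAMPLE = (
    b"\x55\x48\x89\xe5\x00\x00"
    + xor_decode(b"welcome_to_csaw!")
    + b"\x00\xc9\xc3"
)

if __name__ == "__main__":
    for offset, text in find_xor_strings(SAMPLE):
        print(f"0x{offset:04x}: {text}")
```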