🟢Reversing: Baby RE
Description
"Show us your basic skills! (P.S. There are 4 ways to solve this, are you willing to try them all?)"
and we have a file, which by unzipping we give a file without extension called "baby"
seeing the strings of this file we see an interesting thing, like
HTB{B4BYH
_R3V_TH4H
TS_Ef
"Don't run "strings" on this challenge, that is not the way!!!!"
insert key:
abcde122313
but for me what most caught my attention were the following strings
puts
stdin
strcmp
GCC: (Debian 9.2.1-8) 9.2.1 20190909
baby.c
because it indicates that this file is a file that can be decompiled into a C file
for this, I used the reverse engineering program called Ghidra
after decompiling and recompiling this program in a C code, we have this:

and passing these strings from hexadecimal to ASCII
we have :

is strange because it refers to memory addresses, that is, these strings are backward, but in pairs
example : 0x7d5a is 0x5a 0x7d
then fixing, we have:
0x594234427b425448
0x3448545f5633525f
0x455f5354
0x7d5a
==>
48 54 42 7b 42 34 42 59
5f 52 33 56 5f 54 48 34
54 53 5f 45
5a 7d
now, if we convert this from hex to ASCII, we have the right flag
Last updated