Write-up author: jon-brandy
there's crypto in here but the challenge is not crypto... 🤔
- We are given a stripped 64-bit binary.
- Let's try to run the binary in gdb.
CHECKING ALL THE FUNCS AVAIL
- Notice that the symbol addresses are offsets, which means we need to run the binary at least once to get the actual addresses.
- Let's set a random breakpoint first (note that the breakpoint should not interfere with the symbols) so we can check the addresses again.
RESULT
- Great, let's start by setting a breakpoint at the `memcmp` function to see any leaked comparison values.
RESULT
- Let's enter any string.
RESULT
- Notice that the flag is leaked in the RDI register.
- Got the flag!
picoCTF{c0mp1l3r_0pt1m1z4t10n_15_pur3_w1z4rdry_but_n0_pr0bl3m?}
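Why the breakpoint on `memcmp` is enough, as an added example that is not from the write-up or the challenge binary: under the System V AMD64 calling convention RDI holds the first argument, so a checker that unmasks its secret before comparing hands the plaintext to whoever inspects the call. The secret `demo_key`, the XOR mask and all function names are constructed assumptions, and `traced_memcmp` stands in for the debugger stopped at the call.

```c
#include <stdio.h>
#include <string.h>

#define KEY 0x5A  /* constructed mask byte, an assumption for this example */
/* Constructed secret "demo_key", stored XOR-masked; not data from the challenge. */
static const unsigned char masked[8] = {'d'^KEY,'e'^KEY,'m'^KEY,'o'^KEY,'_'^KEY,'k'^KEY,'e'^KEY,'y'^KEY};

typedef int (*cmp_fn)(const void *, const void *, size_t);
static unsigned char seen[8];  /* what a breakpoint on the compare reads via RDI */

/* Stand-in for a debugger stopped at memcmp: record argument 1, then compare. */
static int traced_memcmp(const void *a, const void *b, size_t n) {
    memcpy(seen, a, n < sizeof seen ? n : sizeof seen);
    return memcmp(a, b, n);
}

/* Zero-pad or truncate the guess to the secret's length. */
static void load_guess(unsigned char out[8], const char *guess) {
    size_t n = strlen(guess);
    memset(out, 0, 8);
    memcpy(out, guess, n < 8 ? n : 8);
}

/* Weak: unmask the secret, then compare. The plaintext is argument 1. */
static int check_weak(const char *guess, cmp_fn cmp) {
    unsigned char plain[8], in[8];
    for (size_t i = 0; i < 8; i++) plain[i] = masked[i] ^ KEY;
    load_guess(in, guess);
    int equal = cmp(plain, in, 8) == 0;
    return equal && strlen(guess) == 8;
}

/* Alternative: transform the guess and compare in the stored domain.
 * XOR is a reversible placeholder; a real checker needs a one-way function. */
static int check_transformed(const char *guess, cmp_fn cmp) {
    unsigned char in[8];
    load_guess(in, guess);
    for (size_t i = 0; i < 8; i++) in[i] ^= KEY;
    int equal = cmp(masked, in, 8) == 0;
    return equal && strlen(guess) == 8;
}

int main(void) {
    int ok = check_weak("AAAAAAAA", traced_memcmp);
    printf("weak: accepted=%d, arg1=%.8s\n", ok, (const char *)seen);
    ok = check_transformed("AAAAAAAA", traced_memcmp);
    printf("transformed: accepted=%d, arg1 is plaintext=%d\n", ok, memcmp(seen, "demo_key", 8) == 0);
    return 0;
}
```

With the weak check, a wrong guess is rejected yet the observer still recovers the full secret from argument 1; with the transformed comparison the observer sees only the stored form.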