HackMe2:
This password uses a simple check-sum comparison for authorization.
Download File: HackMe2(Linux)
Download File: HackMe2(Windows)
Solution
First of all you can have a look at the contained strings.
strings hackme2_linux | less
Afterwords have a look at the hexdump.
hexdump -C hackme2_linux | less
ELF structure
$readelf -h hackme2 ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (Executable file) Machine: Advanced Micro Devices X86-64 Version: 0x1 Entry point address: 0x4005c2 Start of program headers: 64 (bytes into file) Start of section headers: 5472 (bytes into file) Flags: 0x0 Size of this header: 64 (bytes) Size of program headers: 56 (bytes) Number of program headers: 8 Size of section headers: 64 (bytes) Number of section headers: 30 Section header string table index: 27
GDB
$gdbtui hackme2
(gdb) layout asm (gdb) start
Source code:
#include <stdio.h>
int main(void)
{
char pass_in[15];
int i;
int valid = 0;
printf("Copyright by NM-Projects.de\n");
printf("Enter password: ");
scanf("%15s[^\n]", pass_in);
for(i = 0; i < 4; i++)
{
valid=valid+pass_in[i];
}
if(valid == 206) // input 1337 or combination
{
printf("\nRight password\n");
}
else
{
printf("\nWrong password!\n");
}
getchar();
return 0;
}
Leave a Reply