Skip to content

Instantly share code, notes, and snippets.

@0xsan-z

0xsan-z/passwd.c

Last active February 11, 2021 14:44
Show Gist options
  • Save 0xsan-z/ed1ad328588b08af7ee86e561496ed57 to your computer and use it in GitHub Desktop.
Save 0xsan-z/ed1ad328588b08af7ee86e561496ed57 to your computer and use it in GitHub Desktop.
Download ZIP
Reversing Challenge.Challenge binary from TryHackMe's room Classic Passwd using Ghidra
Raw
passwd.c
// https://0xsanz.medium.com/classic-passwd-tryhackme-60b2ad5c5008
undefined8 main(void)
{
vuln();
gfl();
return 0;
}
void vuln(void)
{
int iVar1;
char local_2c8 [130];
undefined8 local_246;
undefined4 local_23e;
undefined2 local_23a;
char local_238 [512];
undefined8 local_38;
undefined8 local_30;
undefined8 local_28;
undefined2 local_20;
undefined local_1e;
undefined8 local_15;
undefined4 local_d;
undefined local_9;
local_15 = 0x207962206564614d;
local_d = 0x6e6f6e34;
local_9 = 0;
local_38 = 0x2f2f3a7370747468;
local_30 = 0x632e627568746967;
local_28 = 0x69626f306e2f6d6f;
local_20 = 0x3474;
local_1e = 0;
local_246 = 0x6435736a36424741;
local_23e = 0x476b6439;
local_23a = 0x37;
printf("Insert your username: ");
__isoc99_scanf(&DAT_0010201b,local_238);
strcpy(local_2c8,local_238);
iVar1 = strcmp(local_2c8,(char *)&local_246);
if (iVar1 == 0) {
puts("\nWelcome");
return;
}
puts("\nAuthentication Error");
/* WARNING: Subroutine does not return */
exit(0);
}
void gfl(void)
{
int local_10;
int local_c;
local_c = 0x52c8d5;
do {
if (0x77d088 < local_c) {
return;
}
if (local_c == 0x638a78) {
local_10 = 0x1474;
while (local_10 < 9999) {
if (local_10 == 0x2130) {
printf("THM{%d%d}",0x638a78,0x2130);
/* WARNING: Subroutine does not return */
exit(0);
}
local_10 = local_10 + 1;
}
}
local_c = local_c + 1;
} while( true );
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment