Skip to content

Instantly share code, notes, and snippets.

@superkojiman

superkojiman/README Secret

Last active Apr 6, 2019
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
Radare 2 primer binary challenge.
Raw
README
Binary and source file used for the Radare 2 primer.
Raw
mystery.c
/*
* Binary challenge used for the Radare 2 Primer.
* By superkojiman - http://blog.techorganic.com
*
*/
#include <stdio.h>
#include <string.h>
int check_password(char *pass) {
int stage2 = 0;
/* stage 1, check the first 5 letters */
if (pass[0] == 'h') {
if (pass[1] == 'e') {
if (pass[2] == 'l') {
if (pass[3] == 'l') {
if (pass[4] == 'o') {
stage2 = 1;
}
}
}
}
}
/* stage 2, check the next 5 letters */
if (stage2) {
if (pass[5] == 'w') {
if (pass[6] == 'o') {
if (pass[7] == 'r') {
if (pass[8] == 'l') {
if (pass[9] == 'd') {
return 0;
}
}
}
}
}
} else {
return -1;
}
}
int check_pass_len(char *pass) {
int i = 0;
while(pass[i] != '\0') {
i++;
}
return i;
}
int main(int argc, char *argv[]) {
char pass[10];
int stage2 = 0;
printf("Enter password: ");
scanf("%s", pass);
printf("Got [%s]\n", pass);
if ((check_pass_len(pass) == 10) &&
(check_password(pass) == 0)) {
printf("Win!\n");
} else {
printf("Fail!\n");
}
return 0;
}
@BryanNoller

This comment has been minimized.

Sign in to view
Copy link

@BryanNoller BryanNoller commented Jan 3, 2017

mystery.bin is patched already, so any password of length 10 works
@Komiblanka

This comment has been minimized.

Sign in to view
Copy link

@Komiblanka Komiblanka commented Mar 21, 2017

What flags did you use to compile the binary?
gcc mystery.c -o mystery.bin --> shows the name of the functions in r2
@sunscan

This comment has been minimized.

Sign in to view
Copy link

@sunscan sunscan commented Mar 28, 2017

@Komiblanka try with -s
@noahShinabarger

This comment has been minimized.

Sign in to view
Copy link

@noahShinabarger noahShinabarger commented Jun 15, 2018

@BryanNoller to fix the fact that mystery.bin is patched already, you can use the following commands:

  1. s 0x0040072
  2. oo+
  3. wx 750c
@ghost

This comment has been minimized.

Sign in to view
Copy link

@ghost ghost commented Oct 9, 2018

Hello, I've forked your gist.
Could you please take a look at the patch of mine?

I know the purpose of this binary, but there was a Buffer Overflow issue due to the usage of scanf.
In my patch, I've fixed it.

Thanks :)

Link to revision
https://gist.github.com/t0kt0k/52d7240699b53310ed61dda3b616c7ae/revisions
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment