-
-
Save superkojiman/556eaa2fc83a51298992 to your computer and use it in GitHub Desktop.
Radare 2 primer binary challenge.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Binary and source file used for the Radare 2 primer. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Binary challenge used for the Radare 2 Primer. | |
| * By superkojiman - http://blog.techorganic.com | |
| * | |
| */ | |
| #include <stdio.h> | |
| #include <string.h> | |
| int check_password(char *pass) { | |
| int stage2 = 0; | |
| /* stage 1, check the first 5 letters */ | |
| if (pass[0] == 'h') { | |
| if (pass[1] == 'e') { | |
| if (pass[2] == 'l') { | |
| if (pass[3] == 'l') { | |
| if (pass[4] == 'o') { | |
| stage2 = 1; | |
| } | |
| } | |
| } | |
| } | |
| } | |
| /* stage 2, check the next 5 letters */ | |
| if (stage2) { | |
| if (pass[5] == 'w') { | |
| if (pass[6] == 'o') { | |
| if (pass[7] == 'r') { | |
| if (pass[8] == 'l') { | |
| if (pass[9] == 'd') { | |
| return 0; | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } else { | |
| return -1; | |
| } | |
| } | |
| int check_pass_len(char *pass) { | |
| int i = 0; | |
| while(pass[i] != '\0') { | |
| i++; | |
| } | |
| return i; | |
| } | |
| int main(int argc, char *argv[]) { | |
| char pass[10]; | |
| int stage2 = 0; | |
| printf("Enter password: "); | |
| scanf("%s", pass); | |
| printf("Got [%s]\n", pass); | |
| if ((check_pass_len(pass) == 10) && | |
| (check_password(pass) == 0)) { | |
| printf("Win!\n"); | |
| } else { | |
| printf("Fail!\n"); | |
| } | |
| return 0; | |
| } |
What flags did you use to compile the binary?
gcc mystery.c -o mystery.bin --> shows the name of the functions in r2
@Komiblanka try with -s
@BryanNoller to fix the fact that mystery.bin is patched already, you can use the following commands:
- s 0x0040072
- oo+
- wx 750c
Hello, I've forked your gist.
Could you please take a look at the patch of mine?
I know the purpose of this binary, but there was a Buffer Overflow issue due to the usage of scanf.
In my patch, I've fixed it.
Thanks :)
Link to revision
https://gist.github.com/t0kt0k/52d7240699b53310ed61dda3b616c7ae/revisions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
mystery.bin is patched already, so any password of length 10 works