Now, this isn't actually a variable we particularly care about. A variable local_89 gets passed to the allocator function. After this string is created, we see another interesting function. With this in mind, we can rename local_88 to empty_string until we learn its actual purpose. This particular version is the default constructor that creates an empty string. I don't fully understand the details, but the basic_string constructor has a few different versions. This is how C++ strings are instantiated. We then see a local variable local_88 get passed to the basic_string function. These are the two instructions at address 0x0010134A-0x00101353. We then see the stack cookie get stored on the stack. The function starts off with normal function prolog stuff. Let's go ahead an open this binary up in Ghidra! Static Analysis in Ghidra Part of the main function disassembled The error message is a little on the harsher side but we'll ignore that. We see what looks like a prompt, an error message and a success message. Fair warning, the author used some pretty harsh language lol. Everything else here isn't very useful or interesting to us so let's go ahead and run strings.
This tells us that this function takes in a string as a parameter. We also see there are a bunch of words and letters after the function name. We do see a user-defined function called boringFunc. A lot of these are C++ artifacts and we don't necessarily have to worry about them. Let's go ahead and look at the symbols with the nm command. We see this is a 64-biy binary, dynamically linked, and we see that it is not stripped. Alright, with all of that out of the way, let's get reversing. I'd also recommend you download a disassembler like IDA or Ghidra. The binary comes in a password protected zip file, the password is "crackmes.one" without the quotes. If you'd rather use your own VM, I understand, you can download the binary here. It's stored in /home/kali/reverse_engineering/crackmes/abso_general. It has all of the tools I'll use throughout this post including the binary. If you'd like to follow along you can download the Kali VM I used.
Reverse Engineering Challenge - First Ever Crackme Video Walkthough Optional Materials to Follow Along C++ binaries always give me a little bit of trouble, but I think I learned a lot during this challenge and I hope you will too! As always, you can check out my video walkthrough on my YouTube channel.
This challenge is fairly simple but it was written in C++. Although they ended up solving it on their own (good for them!) I also solved it and thought I should share my solution. Hello there! Someone from the crackmes.one discord channel asked for some help with this challenge.
0 kommentar(er)
