This is a simple writeup by my team H0j3n.
Reverse Engineering
Coded_VI
I’m using radare2 to analyze the binary. By looking at main I found a string, Tranqulat3d, which could be the argument needed, but it's not the right one.
pdf @main
Looking at Ghidra, I found this condition, which needs to be met to get the flag.
So after trying to understand what it's doing, I tried to make a simple script to mimic the program and managed to get the flag :)
Running the script, we get the flag.
Coded_II
The next challenge is almost like the one before. So let’s use radare2 again.
pdf @main
Looking at Ghidra, I found this condition, which needs to be met to get the flag.
So I found that I could use the same script that I made. You just need to change the first_part and the extra.
Run the script again and I got the flag :)
Cerberus
So I found out that the file is LZMA compressed data.
Let's try extracting it using 7z, and we get another one.
7z e cerberus
So we got another file, which is Python 2.7 byte-compiled.
I have encountered this kind of file before, and to uncompile it we can use uncompyle6. But make sure to add .pyc.
We can see there is a Python script here. Let's try running the script and only print trust.
So we got base64-encoded data. Let’s decode it.
So that’s why the challenge name is Cerberus. It is a Kerberos hash.
Let’s try cracking it using rockyou.txt, and we got the password, which is the flag itself. apuboh{<password>}
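As an added illustration (not part of the original writeup or the challenge files), the first two Cerberus steps, recognising the LZMA layer and the Python 2.7 byte-compiled file underneath it, can be done from magic bytes in Python. The sample input is constructed inline, and the names identify, peel and pyc27_info are hypothetical.

```python
import lzma
import struct

XZ_MAGIC = b"\xfd7zXZ\x00"
# Python 2.7 .pyc magic: 62211 little-endian, then CR LF -> 03 f3 0d 0a
PY27_MAGIC = struct.pack("<H", 62211) + b"\r\n"

def identify(data):
    """Return a short label for the outermost layer of `data`."""
    if data.startswith(XZ_MAGIC):
        return "xz"
    # Legacy .lzma has no real magic; the usual heuristic is the default
    # properties byte 0x5d followed by zero low bytes of the dictionary size.
    if len(data) >= 13 and data[0] == 0x5D and data[1:3] == b"\x00\x00":
        return "lzma"
    if len(data) >= 8 and data[2:4] == b"\r\n":
        return "pyc-2.7" if data[:4] == PY27_MAGIC else "pyc-unknown"
    return "unknown"

def peel(data, max_depth=8):
    """Strip LZMA/XZ layers (bounded) and return (labels, innermost bytes)."""
    layers = []
    for _ in range(max_depth):
        kind = identify(data)
        layers.append(kind)
        if kind not in ("xz", "lzma"):
            break
        try:
            data = lzma.decompress(data)  # FORMAT_AUTO reads .xz and .lzma
        except lzma.LZMAError:
            layers[-1] = "unknown"        # heuristic false positive
            break
    return layers, data

def pyc27_info(data):
    """Parse the 8-byte Python 2.7 header: magic, then source mtime."""
    mtime = struct.unpack("<I", data[4:8])[0]
    # A marshalled code object starts with the type byte 'c'.
    return {"mtime": mtime, "body_is_code_object": data[8:9] == b"c"}

def make_constructed_sample():
    # Constructed stand-in: a valid 2.7 header plus a dummy body, wrapped
    # in legacy LZMA. It is not the challenge file.
    fake_pyc = PY27_MAGIC + struct.pack("<I", 1600000000) + b"c" + b"\x00" * 32
    return lzma.compress(fake_pyc, format=lzma.FORMAT_ALONE)

if __name__ == "__main__":
    layers, inner = peel(make_constructed_sample())
    print(layers, pyc27_info(inner))
```
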
Conclusion
This is just a simple writeup of what I encountered in APU Battle of Hackers. Thank you to the organizer and sponsors for the great event. This is my final semester and I hope I can join the next event if possible. Congrats to all the teams who joined the event; it's a healthy competition. Let’s keep learning and improving ourselves. Thank you to my teammates Idham and Awis!