Skip to main content

Impossible password

Are you able to cheat me and get the flag?

Solution

open the given file impossible_password.bin in ghidra and disasemble the code

opening the function FUN_0040085d we get to know that our input after * is being compared with string 'SuperSecretKey' and after that out input after ** is begin comapred with __s content of which is not known to us.Now we notic ethe string comparision is going on at address 00400961.So now open the binary file in gdb and add break point into at 0x00400961.Just before the instruction registers rsi and rdi are filled with some values which are begin compred so at this point we can see the values in registers rdi and rsi. after that set $rdi = $rsi so that after comparision they appear to be same and we will get the falg which is HTB{40b949f92b86b18}