CAT Reloaded CTF 2023 by 0xL4ugh

My write-ups to My reverse challenges in CAT Reloaded CTF 2023

During the CTF competition, I had the opportunity to author two reverse challenges and thoroughly enjoyed the process. Not only was it a fun experience, but it also provided me with valuable knowledge and expertise in reverse engineering field . I hope that my friends who participated in the competition also enjoyed solving these challenges and gained new skills as well. Overall, being a part of this competition was a rewarding experience that allowed me to grow and learn in my field.
  • Name Category Level
  • rabbits Army Reverse Medium
  • Lazy Reverse Medium
I tried to make my write-ups as simple as possible so that beginners could easily understand the solutions
There are many other ways to solve these challenges, and I prefer that you read the solutions the hard way (to learn something new) and during the competitions try the easy ways (to save time for the rest of the challenges)
  • Name rabbits Army
  • Category Reverse
  • Level Medium

SOLUTION
  • let's run the challenge >>>>>>> its infinite loop function!!

  • next step , we just do static analysis to see if it is packed or not (not packed) >>>>>>> and its Packed by UPX

  • now , let's unpacked the challenge

  • if you use Flare VM you will get this error, and this due to old upx version , so you should download latest upx version

  • let's use our ida , In Main function there is two functions

  • The first function is what we see in running program
  • But this second function will not execute

  • so , to solve the challenge let's use ida debugger and add break point in our sentence " Hi :YOU: BYE" or before The first function



  • And set IP at the second function and jump to it

  • and after that , Simply run the program, and you will get the flag

  • Flag CATF{Y0U_Wi11_be_Aso1dier_s00n}
  • Name Lazy
  • Category Reverse
  • Level Medium

SOLUTION
  • we just do static analysis to see if it packed or not (not packed)

  • And let's check the challenge's resource: ( by using resource hacker )

  • we next do dynamic analysis and see its behavior – simply run it :

  • It look like a flag in binary format , let's check it using cyberchef : Ok , its fake flag But now we know that the challenge , require username and password And from the static analysis we know the username is "nasserae"

  • now let's see the advanced static analysis using ida : First , strings window : There are username and 2 passwords ! not one ! So let's go to it

  • from reversing When the password (20 characters) we will see the "P@ssw0rd"



  • let's try any random password (but 20 characters)

  • now let's try any value for second password :

  • And use cyberchef :

  • from reversing >>>> the P@ssw0rd must be (20 characters) and its value "00000000000000000000"



  • and if you try to enter P@ssw0rd less than (20 characters) you will get "Wrong Password" and you will see the right P@ssw0rd !!!

  • now lets use "00000000000000000000"

  • and we get the flag

  • Flag CATF{Brav00_Brav00_}
Another SOLUTION
  • there is another way to solve the challenge , just open the challenge with ida and take the binary values

  • and use cyberchef to XOR Brute Force by using the binary values and "CATF" part from the flag

  • Flag CATF{Brav00_Brav00_}