BreizhCTF - Net Net (Reverse)

A simple reverse of a .NET file

Unfortunately, I did not save the challenge statements
net_net.exe

Lookin’ for what

switch@XXX:/mnt/c/Users/switch/Desktop/breizh$ file breizh.exe
breizh.exe: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

Oh, a .NET file. Quick, let's use the excellent tool from JetBrains (it's becoming a habit with them, haha): dotPeek

What, really?

Excerpt of the program's source code

// Excerpt from the dotPeek output; str1 and str2 are assigned earlier in the method (not shown).
Console.WriteLine(str1);
Console.WriteLine("Hold on! Your name first:");
Console.WriteLine("Hi " + Console.ReadLine() + " how are you?");
Console.WriteLine("Enter now your password and I'll let you in (huuum):");
string str3 = Console.ReadLine();
// The expected password is a plain string literal, readable in any decompiler.
string str5 = "secret_harcoded_password";
if (str3 == str5)
{
  Console.WriteLine("WowwW! How did you find me...!");
  Console.WriteLine("...Ok, so here Your flag is:" + str2 + "So_Damn_Easy_Obfuscate_NET_Prog!!!}");
}

The password was simply hardcoded; only the flag was generated on the fly via base64

#BREIZHCTF{This year, let's come back to roots! Here is a NEaT prog}
Hold on! Your name first:
switch
Hi switch how are you?
Enter now your password and I'll let you in (huuum):
secret_harcoded_password
password
WowwW! How did you find me...!
...Ok, so here Your flag is:BZHCTF{So_Damn_Easy_Obfuscate_NET_Prog!!!}
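
Added example, not part of the original write-up or of the challenge's code: the literal comparison from the excerpt next to a form where the assembly ships neither the password nor the protected text, only a blob sealed under a key derived from the password. The names Gate, Seal and TryOpen, the iteration count and the sample strings are assumptions made for this example, and it assumes .NET 8 for the AesGcm constructor.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class Gate
{
    const int Iterations = 600_000; // assumed PBKDF2 work factor for this example
    // Weak form, as in the decompiled excerpt: the literal sits in the assembly in clear.
    static bool WeakCheck(string input) => input == "secret_harcoded_password";

    static byte[] DeriveKey(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 32);

    // Build-time step (run offline): seal the protected text under the derived key.
    // Only salt, nonce, tag and ciphertext are shipped with the program.
    static (byte[] Salt, byte[] Nonce, byte[] Tag, byte[] Ct) Seal(string password, string secret)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        byte[] nonce = RandomNumberGenerator.GetBytes(12);
        byte[] pt = Encoding.UTF8.GetBytes(secret);
        byte[] ct = new byte[pt.Length];
        byte[] tag = new byte[16];
        using var aes = new AesGcm(DeriveKey(password, salt), 16);
        aes.Encrypt(nonce, pt, ct, tag);
        return (salt, nonce, tag, ct);
    }

    // Run-time check: a wrong password fails GCM tag verification, so there is no
    // string to read in a decompiler and no "if" whose patching reveals the text.
    static string? TryOpen(string input, (byte[] Salt, byte[] Nonce, byte[] Tag, byte[] Ct) blob)
    {
        byte[] pt = new byte[blob.Ct.Length];
        try
        {
            using var aes = new AesGcm(DeriveKey(input, blob.Salt), 16);
            aes.Decrypt(blob.Nonce, blob.Ct, blob.Tag, pt);
            return Encoding.UTF8.GetString(pt);
        }
        catch (CryptographicException) { return null; }
    }

    static void Main()
    {
        var blob = Seal("constructed-sample-password", "constructed sample secret");
        Console.WriteLine(WeakCheck("guess"));
        Console.WriteLine(TryOpen("guess", blob) ?? "(rejected)");
        Console.WriteLine(TryOpen("constructed-sample-password", blob));
    }
}
```

The sealed blob can still be guessed against offline, which is why the key derivation is deliberately slow and why the password itself needs enough entropy.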