Reverse Engineering
Reverse Engineering challenges for Haaukins Platform.
Reverse Engineering
It is typically the process of taking a compiled (machine code, bytecode) program and converting it back into a more human readable format.
Difficulty Levels
The levels of difficulty scale is based on the number of steps required in order to solve the Training Challenge
- Very Easy: It requires just one step in order to get the flag
- __Easy:__ It requires one-two steps, it is based on the challenge category
- Medium: It requires two-three steps, it is based on the challenge category
- Hard: It requires three-four steps based on the challenge category
- __Very Hard:__ It requires several steps in order to get the flag
Weird Code
Points: 25 Difficulty: Easy
Learning Objectives:
- Learn the basic syntax of Go Programming language
Description: This is a Code-base challenge in which the user will have access to an FTP server in order to download a source code file. The user have to gather the piece of flag spread over the tricky source code in order to solve the challenge.
Prerequisite:
- Basic concepts of a programming language
Conditional Reverse Engineering
Points: 30 Difficulty: Easy
Learning Objectives:
- Learn what coupled if statements looks like in assembly.
Description: This challenge is an easy reverse engineering challenge. A binary called StringToHexConverter takes in a text string as an argument. Normally It would just return the hex string that you could put straight into a printf(). Example could be writing Hello
$ ./StringToHexConverter Hello
\x48\x65\x6C\x6C\x6F
Writing a very specific string will make the program print the flag in the terminal.
Prerequisite:
- Little knowledge in assembly language
- Know how to run GDP
Reverse APK
Points: 20 Difficulty: Easy
Learning Objectives:
- Learn how to decompile an APK and read smali files.
Description: The user has to download an APK from a website and reverse engineer the APK to read the source code of the file in order to solve the challenge.
Prerequisite:
- Knowledge of how an android project is structured.
PWN_strings
Points: 20, 42 Difficulty: Easy, Medium
Learning Objectives:
- Learn how to disassemble and do forensics on binaries, to be able crack the executable binary.
Description: This is a simple reverse engineering challenge composed of two challenges. Further investigation by applying the right tools for reverse engineering binaries will unveil more information on how to find the first and second flags.
Strings_everywhere
Difficulty: Easy
The binary for the callenge can be found and downloaded frompwn-strings.com
website. The tools used to find the frist flag in the frist part of the challenge isstrings
,grep
or a different tool to extract strings in binaries.OWN_if_statement
Difficulty: Medium
The binary for the callenge can be found and downloaded frompwn-strings.com
website. The tools used to find the second flag is debugging software such asgdb
or other disassembly software such as radare2(r2).
Prerequisite:
- Know how to use gdb (GNU Debugger) or radare2 (Reverse Engineering Framework)
- Basic understanding of Assembler instructions in 32-bit
C0ffee 0verfl0w
Points: 42 Difficulty: Medium
Learning Objectives:
- Learn how to take advantage of a buffer overflow/overrun. Another objective is to do forensics on the binary and decrypt the prices of successfully exploiting the overflow
Description: The challenge is a buffer overflow challenge. To retrieve the flag a buffer must be exploited correctly. A string will be presented when successfully exploited which then must be decrypted and deobfuscated from two formats namely, from hex and from base85 to obtain the flag.
- C0ffee_0verfl0w
Difficulty: Medium
Browse C0ffee-0verfl0w.com and download the binary. When the binary has been exploited succesfully you will receive an encrypted flag. Decrypt the flag with openssl using the key; ThisMightBecomeHandy42. Algorithm used is AES256 and the cipher text is base64 encoded.
Prerequisite:
- Know how to use r2/radare2(Reverse Engineering Framework) or gdb (GNU Debugger)
- Basic understanding of Assembler instructions in 32-bit
- Basic understanding of encryption/decryption schemes and string formats