Reversing Challenges - HTB x Synack RedTeamFive Capture The Flag (CTF) 2021

  • Published 13 Sep 2024

COMMENTS • 31

  • @smbsid 2 years ago +3

    Thanks for the detailed walkthrough.

    • @_CryptoCat 2 years ago +1

      no problem! thanks for watching 🥰

  • @elvi7major577 2 years ago +5

    Great walkthrough bro
    Just with split i really like how you patched the binary with pwntools
    I didn't use your approach instead i used ida to patch it manually with just replacing jz with jnz in both conditions then i just debug the binary with gdb to get the flag
    Good job man 👏👏👏

    • @_CryptoCat 2 years ago +1

      thanks bro 🥰 i should have actually patched that second condition in ghidra for a bit of variation. ah well, next time! 😁

  • @real.xplo1t 2 years ago +3

    TIL about this nice trick to replace ptrace (or any other functions). Thanks

    • @_CryptoCat 2 years ago +1

      pwntools never ceases to amaze me 🔥

  • @BrianHempstead 2 years ago +2

    Great breakdown, I was not able to do any of these during the CTF, I was able to find out what tools I needed from my research, but getting the tools installed and the learning curve was too steep for me to make any progress. I learned a lot during the CTF (my first), but this is teaching me a lot more thx!!

    • @_CryptoCat 2 years ago

      excellent to hear mate! i've been doing CTFs for a while and still regularly come across events where i struggle to solve challenges (if any at all), there are so many levels when it comes to infosec 🤯 best of luck along your learning journey 😉🥰

  • @lucasdesouza958 2 years ago +3

    Incredibly useful, much appreciated for your effort of delivering this!

  • @b4nd1t02 2 years ago +1

    I have to say that I really love your videos and the effort that you put in them. As someone who is trying to level up his reverse engineering skills, it is great to see your approach through the various reversing tools. While I am familiar with Ghidra (and of course Strings!), I have been trying to surmount the intimidating Radare2, and have been unfamiliar with Ltrace, GDB-PwnDbg, and the rest.
    Overall, thank you for your contributions and lessons.

    • @_CryptoCat 2 years ago

      thank you 🥰 you're right, there's so many different tools and ways of approaching some of these problems!

  • @aldeerayan 2 years ago +5

    Hi 👋!! Great video as always

    • @_CryptoCat 2 years ago +3

      thanks mate 🥰 i didn't keep hold of the binaries.. i think i'd get in trouble with HTB if i uploaded them 😂 some of the challs are very similar to existing active/retired challenges on HackTheBox though 😉

    • @aldeerayan 2 years ago +3

      @_CryptoCat no worries I'm pretty sure I solved the similar web challenges, I'll give the reversing challenges a shot!

  • @bhaitabahi786 2 years ago +2

    great sir thanks for it

  • @ItsJustNotBob 2 years ago +1

    Really love these walkthroughs! I couldn't get past "Knock, Knock" because I was trying to interact with the backdoor directly instead of using pwntools. So I was limited to only 2 chars for my commands. 😅 Spent waaaay too long trying to find all 2 char linux commands to get the flag.

    • @_CryptoCat 2 years ago

      Thanks mate 🥰 Honestly, I spent a long time on the same thing lol. I thought the problem was with the space in the command, took me a while to work out that we need to supply the length of the command first and even then I had problems using netcat 😆

    • @ItsJustNotBob 2 years ago +1

      @_CryptoCat Figured out that the program was interpreting the newline char "\n" after sending the command as the length. Which when converted to decimal is only 10

    • @_CryptoCat 2 years ago

      @ItsJustNotBob Ahhh that makes sense! I recall now I changed the sendline() to send() in the pwntools script but didn't make the connection between the '\n' and 2 char commands working, thanks for that 😊

  • @fabiorj2008 2 years ago +1

    Hi, awesome video and tutorials. Is it possible to create a repo with the binary of reverse and pwn of your videos?

    • @_CryptoCat 2 years ago +1

      thanks mate 🥰 i put the solution scripts on github.com/Crypto-Cat/CTF but not the files because i assume CTFs will publish the files afterwards if they are happy to.. the best ones typically do, but "security training" companies can be a bit more protective over content i think 😆 check out some of the other CTF resources on my GitHub though for free all year round challenges that you can test some of the same techniques against 😉

  • @meleksalaani4911 2 years ago +1

    I solved split differently, just a dynamic patch (changing the eax registry values to every time). But it's interesting how you did, considering that in my next challs :D

    • @_CryptoCat 2 years ago +1

      nice! that's how i dealt with the second condition. patching and runtime adjustment both perfectly valid solutions 😊

  • @minhnb11 2 years ago +2

    thanks for your writeup, could you write up misc challenges?

    • @_CryptoCat 2 years ago +1

      i didn't make videos for the misc/crypto challs this time around but i put the "misc: hotel" solve script on github!

    • @BrianHempstead 2 years ago +1

      @_CryptoCat I still have all the downloaded files from misc and crypto if you want/need them for a video

    • @_CryptoCat 2 years ago

      @BrianHempstead thanks mate but that's me done for this one 😆 there will be plenty more CTFs coming up so i'll try to switch up the categories in future vids 😊

  • @whale24680 10 months ago +1

    hello. I just started to play CTF, especially RE. I don't know what distro ur using in this video. It looks much better than my kali newest ver one

    • @_CryptoCat 10 months ago

      Hey! I'm using Parrot OS, kind of similar to Kali. I've been using it for a few years now but will probably go back to Kali next time I make a new VM (Parrot seems really slow to upgrade packages).