Wednesday, January 22, 2014

Microcorruption - New Orleans

Microcorruption

Matasano and Square have created a fun little CTF that simulates a little embedded hardware hacking. They've simulated a debugger that is running on a lock that you access through your browser. The tutorial and the New Orleans challenge involve determining what the password is for a lock in order to move on.

New Orleans

This challenge starts off with a description of the lock with no real useful information in it. 

So off we go into the debugger! 

If you run the program, it asks you to enter a password. Since we don't know what it is we can enter random text and see how the program processes it. 

After entering a string like "test" and continuing execution, we are ushered quickly out of the program. :(

Bugger, now we'll have to step through and see what it may be doing. Looking at main we see a few interesting items...

The check_password and get_password functions might be worth looking into. The check_password function looks like this:

Before this function is called, r15 holds the memory address of the password that you entered. The function appears to compare the string at r13, which is assigned from r15, to the contents of memory at 0x2400. Looking in the Live Memory Dump section for what's held at 0x2400, we see this:

At this point we can take a wild guess that the first password is p:J>>V`

Success!
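The weakness described above, as an added example that is not part of the original post or the challenge's own code: a C model of a check that compares the input against a plaintext reference at 0x2400, together with a release-time scan that flags a credential sitting verbatim in a memory image. The names `store_reference` and `find_plaintext`, the 64-byte slot size and the sample password are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 0x10000u /* 16-bit address space modelled as a flat array */
#define PW_ADDR  0x2400u  /* address the post saw the comparison read from */
#define PW_SLOT  64u      /* assumed size of the password slot */

static uint8_t mem[MEM_SIZE];

/* Hypothetical setup step: leaves the reference password in RAM as a
 * plain NUL-terminated string (strncpy zero-pads the rest of the slot). */
void store_reference(const char *secret) {
    strncpy((char *)&mem[PW_ADDR], secret, PW_SLOT - 1);
}

/* Model of the check the post describes: walk the input and the bytes at
 * PW_ADDR together, failing at the first byte that differs. */
int check_password(const char *input) {
    for (size_t i = 0; i < PW_SLOT; i++) {
        if ((uint8_t)input[i] != mem[PW_ADDR + i]) return 0;
        if (input[i] == '\0') return 1;
    }
    return 0;
}

/* Release-time audit: offset at which `secret` appears verbatim in a
 * memory image, or -1. A hit means a memory dump discloses it. */
long find_plaintext(const uint8_t *image, size_t len, const char *secret) {
    size_t n = strlen(secret);
    if (n == 0 || n > len) return -1;
    for (size_t off = 0; off + n <= len; off++)
        if (memcmp(image + off, secret, n) == 0) return (long)off;
    return -1;
}

int main(void) {
    const char *pw = "constructed-pw"; /* constructed sample value */
    store_reference(pw);
    printf("check(\"test\") = %d\n", check_password("test"));
    printf("check(pw)     = %d\n", check_password(pw));
    printf("plaintext at  = 0x%lx\n", (unsigned long)find_plaintext(mem, MEM_SIZE, pw));
    return 0;
}
```

A hit from `find_plaintext` is the same condition the Live Memory Dump reveals here; keeping only a salted hash of the credential on the device removes the plaintext from the image.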

This is a pretty fun CTF. I'm looking forward to checking out the other challenges. I'll try and write them up as I go along, but I stink so I'm guessing I'll only be able to get the first challenge =P
