Saturday, 2 November 2013

EMCDefendersleague2013 week-1 challenge-7 solution

Files can be downloaded from here :


Question : We have obtained an innocent looking file from our sources who confirm that there is a coded message hidden somewhere inside. Get the message!

Hint 1:Hidden in bits!

Hint 2:PE File Format

Hint 3:Hex Editor

We know that the file is a PE executable.
Now a good reverser's best tool is "strings"

Command : strings Contest7.sample

Now scroll a bit and observe this string 
0x53 0x4a 0x6a 0x58 0x65 0x66 0x61 0x52 0x53 0x7a 0x58 0x42 0x6f 0x71 0x56 0x57 0x52 0x74 0x46 0x66 0x6a 0x72 0x5a 0x73 0x78 0x75 0x64 0x76 0x43 0x54 0x48 0x62 0x63 0x55 0x6f 0x51 0x4a 0x58 0x75 0x78

now we know that its a hex string,Converting it to ASCII gave me the answer.
I dint go by the hints.but this would be a easy reversing.

here you go the flag is : SJjXefaRSzXBoqVWRtFfjrZsxudvCTHbcUoQJXux

By this week-1 questions and solutions are done.Hope you enjoyed it! Thank you..

No comments:

Post a Comment

enter valid comments.Suggestions are most welcome and would be interested in correcting my mistakes.