In this article, I will be demonstrating my approach to completing the Classic Passwd (reverse engineering) Capture The Flag (CTF), a free room available on the TryHackMe platform created by 4non. I have provided a link to the TryHackMe platform in the reference below for anyone interested in trying out this CTF.
Disclaimer!
I like to add a brief disclaimer before a writeup to encourage people to attempt the room before reading this article since there will obviously be spoilers in this writeup. I believe you will enjoy the CTF more if you attempt it yourself first and then come back to this writeup if you get stuck or need a hint. So without any further delay, let's get started!
Approach:)
I started by using strings to get contents for the file
From the strings results, we see the THM{} flag format, so I made the file executable to see what it was executing. and upon execution, When attempting to enter any text I receive an authentication error.
So I decided to use ltrace, (a debug util in Linux used to display calls made by an application….)This will reveal to us the username that it is comparing the input (our username) with.
Now I could use the generated username, to login and get the flag.
Closing Remarks
This was a fun and challenging CTF available on the TryHackMe platform. I’ve been having a lot of fun on the TryHackMe platform, which is an excellent place to learn new skills and have fun playing CTF’s. Thanks for reading till the end and keep hacking!
