Labyrenth CTF Windows Track Challenge #2

jmprsp

File: BabbySay.exe

SHA256: 7CA8D9F1BE070DEB6535326AB4DFAE4824055F777DD929D2DEE9D0ADBEBDE785

Packed: No

Tools used: exeinfo, Reflector

Codes & Binaries: https://github.com/jmprsp/labyrenth/tree/master/Window-Challenge-2

Description: This challenge is written in C#. Decompiling it is trival using tools like Reflector. You may find a copy of the decompiled source code in github.

exeinfo
Figure 1. Exeinfo indicates that the challenge is written in c#

On executing the challenge, you will see the following… looks like we need to key in a certain sequence before we can get the flag.

piano
Figure 2. A piano lesson

Decompiling the challenge using reflector is easy. The key_click function looks suspicious with all the funny characters…

reflector
Figure 3. key_click function

Being lazy… i shall just copy paste most of the codes here into another c# project (removing the if else) and writing the thangs variable to a file. Compile & run XDDDD

copypaste
Figure 4. stripping the if else and recompiling the codes

Wow we got the flag just like this…

flag
Figure 5. We got the flag!

FLAG: PAN{B4BBY_Y3LL5_50_L0UD!}

Labyrenth CTF Windows Track Challenge #2

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s