Labyrenth CTF Windows Track Challenge #2

File: BabbySay.exe

SHA256: 7CA8D9F1BE070DEB6535326AB4DFAE4824055F777DD929D2DEE9D0ADBEBDE785

Packed: No

Tools used: exeinfo, Reflector

Codes & Binaries:

Description: This challenge is written in C#. Decompiling it is trival using tools like Reflector. You may find a copy of the decompiled source code in github.

Figure 1. Exeinfo indicates that the challenge is written in c#

On executing the challenge, you will see the following… looks like we need to key in a certain sequence before we can get the flag.

Figure 2. A piano lesson

Decompiling the challenge using reflector is easy. The key_click function looks suspicious with all the funny characters…

Figure 3. key_click function

Being lazy… i shall just copy paste most of the codes here into another c# project (removing the if else) and writing the thangs variable to a file. Compile & run XDDDD

Figure 4. stripping the if else and recompiling the codes

Wow we got the flag just like this…

Figure 5. We got the flag!


Labyrenth CTF Windows Track Challenge #2

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s