Hacking for n00bz – Level 8

In level 8, we are prompted to download a file called “app.exe”; there seems to be no choice but to download it.

To be honest, I didn’t know what to do with this executable (EXE) file at first either. However, after doing some reading, I learnt a little about reverse engineering and malware analysis. Thankfully, in this exercise, we don’t have to do all that.

Before we get started, let’s take a look at the different tools which you can use to examine an EXE file:

  • Debugger: view the running state of a program interactively and/or step through it
  • Disassembler: transforms the machine code into a human-readable mnemonic representation called assembly language
  • Decompiler: reverses the process of compilation and turns a program back into a structured higher-level language

In this exercise, we just need a debugger. There are several debuggers available, such as OllyDbg and WinDbg, both of which are free.

Personally, I prefer to use OllyDbg. This exercise is really simple. All you need to do is open up the “app.exe” file in your OllyDbg program and run it in debug mode (click on the “play” button at the top).

There, you see the flag written in ASCII right at the very first line of the program – the flag is “infosec_flagis_0x1a”.
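Because the flag sits in the file as plain text, it can also be located without executing the program, which is the safer first step with an untrusted executable. The following is an added example, not part of the original write-up: a small `strings`-style scan that assumes the flag is stored as plain ASCII or UTF-16LE, run here over constructed sample bytes with placeholder flag values rather than the real app.exe.

```python
import re

# Flag prefix as shown in the write-up; the token after it is matched generically.
FLAG_RE = re.compile(r"infosec_flagis_\w+")


def extract_strings(data: bytes, min_len: int = 6):
    """Return sorted (offset, encoding, text) tuples for printable runs in data."""
    found = []
    # Runs of printable ASCII bytes, as strings(1) reports by default.
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        found.append((m.start(), "ascii", m.group().decode("ascii")))
    # Printable characters stored as UTF-16LE, common in Windows binaries.
    for m in re.finditer(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data):
        found.append((m.start(), "utf-16le", m.group().decode("utf-16le")))
    return sorted(found)


def find_flags(data: bytes):
    """Return (file_offset, encoding, flag) for every flag-shaped string."""
    hits = []
    for offset, encoding, text in extract_strings(data):
        width = 2 if encoding == "utf-16le" else 1  # bytes per character
        for m in FLAG_RE.finditer(text):
            hits.append((offset + m.start() * width, encoding, m.group()))
    return hits


# Constructed sample: a fake DOS header/stub, a few opcode bytes, then one
# ASCII and one UTF-16LE placeholder flag. Not the real app.exe.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 12
    + b"This program cannot be run in DOS mode.\r\n$"
    + b"\x00" * 8 + b"\x55\x8b\xec\x83\xec\x10"
    + b"infosec_flagis_EXAMPLE\x00\x01\x02"
    + "infosec_flagis_WIDE".encode("utf-16le") + b"\x00\x00"
)

if __name__ == "__main__":
    for offset, encoding, flag in find_flags(SAMPLE):
        print(f"0x{offset:04x}  {encoding:<8}  {flag}")
```

To scan a downloaded file instead of the sample, pass `open(path, "rb").read()` to `find_flags`.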
