Secure_Database_Password
Challenge Description
running through the challenge
lets open the ghidra and reverse engineering the binary we are given in the chall (./system_out). After opening the binary in ghidra the most important part of decompilation code is this part.
as we can see that there is a make_secret() function that takes a string and whatever the function returns is being compared to the hash we enter and if it matches it opens flag.txt file.
BOOM! we just need to go this make_secret() function and see what this local_f8 is and then we can get the flag.
as we can see in the make_secret() function it takes this hardcoded obf_bytes array and xors each digit with 0xaa and then we call another function hash()
this hash function looked familiar and when I googled about it I came to know it was known as the djb2 algo. OK so lets plan
We can put a breakpoint at this hash function this way we can see the string before undergoing the hash function. Once we capture this string we will just apply the djb2 decode and hopefully get the flag
ok so we get this string “iUbh81!j*hn!” , lets apply the algorithm on this string for that I vibecoded this python script to make our work easier
def djb2(s):
h = 5381
for c in s.encode():
h = (h * 33 + c) & 0xFFFFFFFFFFFFFFFF
return h
print(djb2("iUbh81!j*hn!"))
# we get 15237662580160011234 as output
pasting this string as our hash we successfully get the flag







Top comments (2)
Good job man this was cool
thanks bruv;)