Mission:
An executable 'nullex80' was given and we have to find out the flag, tried to run in and it asked for username and password
First: applied the 'file' command, it gave the below o/p
So from the o/p we got it's not stripped so the variables and functions are in readable form that means we can apply 'strings' command on the file to get all readable strings from the file
Second: apply strings on 'nullex80'
So from a look at the readable strings given as the o/p 'r00t' seem like a good candidate for password
Third: Run the executable with 'r00t' as username and 'OshZ2sexLLLxXXnnn001'as the password
An executable 'nullex80' was given and we have to find out the flag, tried to run in and it asked for username and password
First: applied the 'file' command, it gave the below o/p
file nullex80 nullex80: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=0x7f73d19c16ca48817097c99cb8e0d2fb3ad50760, not stripped
So from the o/p we got it's not stripped so the variables and functions are in readable form that means we can apply 'strings' command on the file to get all readable strings from the file
Second: apply strings on 'nullex80'
strings nullex80 /lib64/ld-linux-x86-64.so.2 libc.so.6 puts putchar printf strlen strcmp __libc_start_main __gmon_start__ GLIBC_2.2.5 UH-h UH-h []A\A]A^A_ username password %s %s r00t OshZ2sexLLLxXXnnn001 Kit Williams quotes You see, my ambition was not to confound the engineering world but simply to create a beautiful piece of art. Wrong username/password! ;*3$"
So from a look at the readable strings given as the o/p 'r00t' seem like a good candidate for password
Third: Run the executable with 'r00t' as username and 'OshZ2sexLLLxXXnnn001'as the password
./nullex80 r00t OshZ2sexLLLxXXnnn001
You see, my ambition was not to confound the engineering world but simply to create a beautiful piece of art.
Kit Williams quotes
flag{2afcad7815395d567001e09100c4e2fe}
voilĂ got the flag !!
0 comments:
Post a Comment