 Hello. In this recitation, I'm going to solve one of the university problems and then if you have any questions regarding the homework, I'm happy to answer your question. The question that I'm going to solve is this one, find that path. As you can see, it has some hints in the description of the challenge. It says that you need to find a password and a password to the flag that you're looking for. Also, it mentions that it's not in this format. It's probably good to know that it's not in this format. Okay, let's change the screen that I'm sharing with you. This question, you can solve it using GDB, but it's not recommended because it requires you to have complete knowledge of assembly language so that you can understand what happens in the assembly language. Also, you can follow instructions in order to understand what the program does. It's recommended to use Githra, which is one of the applications that the professor mentioned in the class. Here is when you run the application, first thing you need to do is to go to our file and create your project. Here I created a project called test. After that, under the file, you should import the file, the binary file that you have. Exactly the binary file, for example, here in this example that was provided for you in the CTF website. Once you import your file, it has the option that you click to analyze the code. When it's analyzed the code, it gives you different functions. Here I selected to see main function, this assemble code. The nice thing about this program is that it gives you the decompiled version of main function. Here, as you can see, this is the decompiled version. We're going to go through this main function to see if we can understand what's happening in the function and what's the password or how we should guess the password. Here in this code, at the first, a few hexadecimal values have been defined with the name of local45 from 0 to 12. Then after this, we can see this kind of function. Using this function, it gets the user input and put it in the local38 variable. Here we can see it has defined a variable called local58. After that, there's a do-while loop. In the do-while loop here, at the one line before to the end of the program, we can see it adds one every time to the local58. It somehow acts as a calendar for us. Let's continue here. We see that if we can ignore for this part of the code that I can show that here in the if it checks if the local58 is bigger than C, which is the hexadecimal value, its int value would be 12. The main important part about this program is this comparison that happened here. It compares in two values and if they're not equivalent, its prints fail. So it's important to understand what are these values that it do the comparison for. One of them is local45 that we saw here right in the beginning of the program. The other one is local38 that here we saw it gets it as the user input. It takes them character by character using the counter that we mentioned. Every time before the comparison happened, it XOR the value with the 56 hexadecimal and then that's it. Having this knowledge, what did we understand? We understand whatever we give to the input of this program, which is the password that we found, it checks it check it with a value that's hard coded in the code in the beginning of the code with a 56 hex value. So it seems like that we understand what the program do and we are able to crack it and find the password. How should we do it? Having these hard coded values, each hexadecimal value and knowing that it has been XORed with 56, we can simply write this point on program where I defined an array and put each of these values as an element of this array. Then in a for loop, we can XOR each value with 56 and as a result what we have is the password or the flag that they're looking for. Here, if we print the cares, it shows each of the character of the password by using the joint function, which is a Python building function. We can see the result, which is printed here for you. If you just use strings, which was the key to solve the first reverse engineering problem, you would see another flag, which was somehow a dummy flag, which told you do not look here. You should realize you should look somewhere else for the real track. That's it. As you can see, it was having these two using the Githra, it was pretty straightforward to solve this problem. Now, if you have questions, whether regarding this CTF or homework, you can type in the chat box. Regarding other challenges, we'll not cover all of them in this recitation, but probably in the upcoming recitation, other TAs will go through them.