How's it going everybody? My name is John Hammond and welcome back to the YouTube video, still looking at the Kaizen CTF. Now moving on to some of the reverse engineering challenges. One that I want to show off is the easy as pie challenge. I thought this one was really interesting. It was honestly really easy and something that I think I've even covered in some of my own CTFs, like one of the local ones that I put together here.

The question is: do you know the password? Maybe you don't need it. And we're given this zip archive, so I'll check this out. We'll go ahead and put it in our Kaizen folder, get a new one for it, easy as pie, and we'll save it there and move on to working with it. So go ahead and unzip it and we get this reverse me file, which is a binary, so let's mark it executable and start to play with it. If we run it: "enter the password". Anything, we don't know, and obviously no. So what we want to do is we want to start to analyze it and work with it.

The low-hanging fruit that we typically always start with is just strings. So we take a look at the strings of reverse me and I just pipe that into less, and it looks like for a long, long while there's like nothing here. There's literally nothing interesting or nothing good in this binary at all. It's just pretty much the regular strings we see in just a regular packed binary. But I'm just surprised that there's nothing there; normally there's some headers or some other information. And we just kept going through this for a long enough time until eventually we hit something interesting, which hopefully I'll get to eventually, some more longer lines. We were curious, like, why is there nothing here? And eventually, okay, here it is, we see something that we just screened by: "Info: This file is packed with the UPX executable packer".

So I've shown this off before, and I think in some challenges that I put together for my team, but UPX is a pretty commonly used one for executable packing and for trying to hide some stuff in a binary. So you can download it, you can play with it, you can work with it. I have the UPX thing downloaded already, so I know I could just use UPX on this now. UPX, it's the Ultimate Packer for eXecutables. We can use it to decompress files that are already compressed. So in our case, we want to use it on the reverse me. So we can `upx -d` the reverse me binary and it has been unpacked now.

Now when we run strings on it a different time, we've got a lot more output in this case. It looks like some of the C#, or I'm sorry, C++ bindings and stuff, and we can scroll through it. There's a little bit more there now at the very end, so I just hit the End key to get there, and a bunch of stuff, really nothing that I particularly want to look through now. But since it's unpacked now, we should be able to work with it just fine. I tried to grep for the flag format, Kaizen; that didn't return anything for me. So I did a little bit more analysis with r2 and, like, objdump and stuff like that. With IDA Pro even, now that we have IDA Pro, which is awesome. So we ran IDA Pro, I'm sorry, we ran radare2 on it.

I opened it up and I just tried to take a look at it. I jumped to main and now I can view a little bit more, and I looked through it and I see, okay, "Please enter the password", that string that we've seen before, and running cout. So I know it's a C++ program, just like I kind of assumed. And I see it pushing on the stack the string flag Kaizen Huckleberry, so that has to be our flag right there. Okay. Yeah, flag Kaizen Huckleberry. You can even see it in the flag. So when I ran strings earlier, it was because it was not all capitalized. If I can just make it case-insensitive, we get our flag right here, Kaizen Huckleberry, with simple grep.

So not hard, just the UPX and being able to find that, the fact that it was the UPX executable. So my teammates all really easily, and I was really pleased because the UPX thing was something I was trying to teach and show off to other people in one of the local competitions that I put together a few months back. So that's it. That was the easy as pie reversing challenge, only a hundred points, but a good challenge to showcase some of those things like UPX that are common in CTF games. So thanks for watching guys. See you later.
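
The two checks the video walks through (spotting the UPX banner in the strings output, then searching the unpacked strings case-insensitively) can be scripted as a first triage pass. This is an added example, not code from the video; the sample byte strings, the flag text in them and all function names are constructed for illustration.

```python
import re

# Markers UPX leaves in a packed file: the "UPX!" magic and the banner
# text that shows up when running strings on the packed binary.
UPX_MARKERS = (b"UPX!", b"This file is packed with the UPX executable packer")

def printable_strings(data, min_len=4):
    """Rough equivalent of strings(1): runs of printable ASCII bytes."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]

def looks_upx_packed(data):
    """True if any known UPX marker appears anywhere in the file."""
    return any(marker in data for marker in UPX_MARKERS)

def find_strings(data, needle, ignore_case=True):
    """Like strings | grep (with -i when ignore_case is set)."""
    flags = re.IGNORECASE if ignore_case else 0
    pat = re.compile(re.escape(needle), flags)
    return [s for s in printable_strings(data) if pat.search(s)]

def triage(data, needle):
    """Report packing status and both kinds of string hits for needle."""
    return {
        "upx_packed": looks_upx_packed(data),
        "case_sensitive_hits": find_strings(data, needle, ignore_case=False),
        "case_insensitive_hits": find_strings(data, needle),
    }

# Constructed sample: a "packed" blob holds only the banner and opaque bytes.
PACKED = (b"\x7fELF\x02\x01\x01\x00" + bytes(range(128, 160)) + b"UPX!\x00\x00"
          + b"$Info: This file is packed with the UPX executable packer $\x00"
          + bytes(range(160, 255)))

# Constructed sample: after unpacking, the program's own strings are visible,
# but the flag text is lowercase, so a search for "Kaizen" must ignore case.
UNPACKED = (b"\x7fELF\x02\x01\x01\x00Please enter the password: \x00"
            b"flag{kaizen_constructed_sample}\x00")

if __name__ == "__main__":
    for name, blob in (("packed", PACKED), ("unpacked", UNPACKED)):
        print(name, triage(blob, "Kaizen"))
```
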