What's up guys? John Hammond here, still checking out some of the Google Capture the Flag beginner quest challenges from the previous competition this past weekend. Before we jump in, I want another shout out to LiveOverflow. I know I've done this for literally every single video that I've had released in the series, but I just really, really want to tip my hat to him. He's a super cool guy, was willing to hang out with me and try our hands at this Google CTF together, and he did some rock solid, cool, awesome work on some of the legitimate challenges during the game. I did this baby stuff in the new category in the beginners quest, but he is a genius and you should totally check him out on YouTube.

Alright, let's get into the game and see where we left off. Beginners quest, kind of on this top track here. Getting into the yellow next one is a challenge called Gatekeeper. So reverse engineering challenge supposedly. I actually did do a little bit of reverse engineering in this challenge, not a whole lot, but enough to, I guess, to be considered a reverse engineering challenge in my eyes. So let's save this file. Get a command line open where we can work with it. Get into the directory. This is another zip file, as we have seen with just about everything. Let's call it gatekeeper.zip so we can unzip it without a problem. And we have this file, gatekeeper, which is a binary. So let's mark it executable and let's try and play with it. I have an L there.

When I run gatekeeper, there's this neat animation thing here. Gatekeeper, access your PC from everywhere, login information missing. Okay, so I need to pass it a username and password. I don't know any username and password, though. So access your PC from everywhere and it does this verifying thing. It takes some time. It looks like a, but whatever. Okay, access denied, incorrect username. That's some neat printout effect, but it doesn't really help me. So let's do the low hanging fruit.
Let's just run strings on this guy. I can list through this. And we see some of the regular ones, Gatekeeper, access denied, login information thing, et cetera. And I see some odd ones. One warm, I think, and clicks the 4am T0 GI, those things look peculiar and those things look weird. I don't know where or how they go, though.

So one thing I tried is I actually opened up Hopper. And if you haven't used Hopper before, it's a pretty awesome disassembler that is essentially free. The demo will run for 30 minutes, but it's also not that expensive to buy. I think it was only like $90 by the time I bought it. I don't know if they've upped their prices or anything. So we can see the strings and the labels, et cetera, points over here. And again, these strings are over in the tabs on the side here. I see that one warm string in leetspeak and they're all being referenced in main. So I went to main to view the disassembly and all those opcodes. But if I wanted to, I could alt enter and see the C-like pseudocode. And it doesn't show me these things all that easily, except that it does tell me, actually, pretty easily. If we don't supply the arguments, it'll tell us, okay, here's the usage. Otherwise, it'll choose some text animation on verifying. Looks like these are the functions that it's trying to call. And it checks, okay, if string compare one warm, looks like that's the username we're trying to look at. You can see that here being denoted. That's the test. And it will print out the flag if we get the right password supposedly. I don't know what this loop is doing, though. String compare, Xelix, D4M, itog, whatever.

So let's try and try and try those strings to see if they are something that we actually want. Let's run gatekeeper. That was a username supposedly. And we'll try this as the password. Just like that. We'll go through that animation. Verifying, verifying, verifying. That takes however long it needs to take, however, access denied, incorrect password.
Okay, so our username seems to be correct, but our password is wrong. So looking at this for more than a couple seconds, you can probably start to see this is something backwards. This says I got mad skills in leetspeak, backwards. So we can reverse this if we really wanted to. Let's do that in Python IDLE. Reversed, it's I got mad skills. And that is the password that we need to use. And it can give this to us in, it'll give us the flag. Like once we've got that typed in, we're good. Correct, there's the flag. And okay, literally for some reason, I don't know why that password is the flag, but let's take note of that. nano flag.txt. CTF, curly braces surrounding that. Cool, we're good. And you could write a get flag script for that really easily if you wanted to, because all you're doing is passing that in and cutting up the last line.

I did see this just kind of at first glance when I realized that string was backwards, but if you want to do a little bit more like true reversing, I suppose, you can, I ran ltrace and stuff on this. And this is pretty annoying, right? Because it says password. Let's give it something. It just pumps out all these functions because of the sleep and the flush that it's doing when it's trying to create these animations. But it does do some like loops here. You saw that happen. And we can probably assume it's going to run a string compare. So if you wanted to grep for that strcmp, you totally could. Remember, ltrace and strace are going to be piping or sending all that output to their standard error stream, because they want to be able to show that as well as the computer program, like the binary that you're trying to run, showing that originally on standard output. So standard error is where all their debugging information is going to go. So if we wanted to actually be able to grep through that stuff, we'd have to pipe, to redirect the standard error stream to standard output.
So ampersand one, so we can see it on standard output and then grep through that. So now once I hit enter, it's not going to get all those put character and flush and sleep commands. But eventually it'll hit the string compare and eventually it'll hit another string compare. We're testing if the password we supplied backwards is the same as what we'd seen as the string. So okay, it's clearly doing something to manipulate the string backwards. And that's probably what we saw way up here earlier when that was flashing by. And there was a segment that did an interesting loop it looked like. So that's some of the techniques you could use to figure out, okay, it's reversing the string, but whatever, we've got the flag. Is it still in my clipboard? Whatever. Let's, yeah, we can wrap that in a CTF and submit and we're good. Let's mark that as complete. And we have completed another one of the beginners quest challenges in Google CTF.

So thank you guys for watching. Hope you're enjoying these videos and want another shout out to LiveOverflow. Check him out on YouTube. Thanks again for him and thanks again for being willing to actually explore some of this capture the flag competition with me. So hey, if you did like the video, please press that button to like the video. If you'd like to leave me a comment, let me know what you think or what else I could do better, what else you'd like to see. If you're willing to subscribe and if you really, really want to help me out, I would love it if you were to click on one of the advertisements during the video. That helps me put food on the table. So thanks again. See you soon.
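
Added example, not part of the video or of the challenge binary: a Python model of the check the walkthrough describes (username compared directly, supplied password reversed and then compared against a stored string), showing why the separate "incorrect username" and "incorrect password" messages plus a strings-style scan are enough to recover both values. The byte blob, demo_user and drowssap_omed are constructed placeholders, and the function names are hypothetical.

```python
import re

# Constructed stand-in for a binary's data section (not bytes from the real
# gatekeeper file): a usage string, a username, and a reversed password.
SAMPLE_BLOB = (b"\x7fELF\x02\x01\x01\x00"
               b"Usage: %s <username> <password>\x00"
               b"demo_user\x00\x01\x02drowssap_omed\x00\xff\xfe")

def extract_strings(blob, min_len=4):
    """Minimal strings(1): runs of printable ASCII at least min_len long."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, blob)]

def make_checker(user, stored_reversed):
    """Model of the described check; both secrets sit in the binary."""
    def check(username, password):
        if username != user:
            return "incorrect username"
        # The supplied password is reversed before the string compare.
        if password[::-1] != stored_reversed:
            return "incorrect password"
        return "correct"
    return check

def recover_credentials(blob, check):
    """Use the two distinct error messages to test each value separately."""
    candidates = extract_strings(blob)
    for user in candidates:
        # A different message than "incorrect username" confirms the username.
        if check(user, "") == "incorrect username":
            continue
        for stored in candidates:
            # Try each embedded string as-is and reversed.
            for password in (stored, stored[::-1]):
                if check(user, password) == "correct":
                    return user, password
    return None

if __name__ == "__main__":
    check = make_checker("demo_user", "drowssap_omed")
    print(extract_strings(SAMPLE_BLOB))
    print(recover_credentials(SAMPLE_BLOB, check))
```

Reversing the stored string adds no protection: the candidate list is a handful of strings, and the per-field error messages let each one be confirmed on its own.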