Cyber Apocalypse 2021 — Authenticator Write- Up

This my write-up for ‘ Authenticator ’ challenge from cyber apocalypse 2021 CTF

Category : Reverse Engineering

Difficulty : Easy

We are given a Linux binary which asks you to enter the credentials to continue.

My first instinct was to run string command on the binary to see if I can get ID and Pin

When We look through the output we can see that Alien ID is 11337. But I wasn’t lucky with the pin. To analyze how the pin is checked I import the binary into Ghidra.

After Ghidra’s Auto-Analysis, I started my analysis at the main function

In the main function, I saw an interesting function ‘ checkpin ’.

In the checkpin function, the highlighted line caught my eye.

XOR is always interesting when reverse engineering password or flag checking programs

By XOR-ing “}a:Vh|}a:g}8j=}89gV<p<}:dV8<Vg9}V<9V<:j|{:” with 9 in cyberchef it returns the output

th3_auth3nt1c4t10n_5y5t3m_15_n0t_50_53cur3

Flag: CHTB{th3_auth3nt1c4t10n_5y5t3m_15_n0t_50_53cur3}