What is the anti debugging trick that causes gdb to only run the program once, then emit:
“No executable file specified.
Use the “file” or “exec-file” command.” ?
I tried hooking p**** in various ways using LD_***, didn’t do any good.
I too have more success with radare2, but I’d like to be able to run it in gdb.
After reading here, it doesn’t seem like everything has troubles with the anti debugging, so I’m not sure if this is intended to be part of the challenge or not, and either way a hint on that would be nice, unless that indeed is the whole challenge.
Just Solved the Challenge… I don’t think ElfParser precisely is needed for this… Yes, a little modification is required but only to the reg values… Also, I didn’t encounter any anti-debugging… and I used IDA with remote debugging…
Can someone confirm that the flag has a non-printable char? I think I found the flag, the program says that I win but the flag is not accepted as valid.
Using radare2 I am able to find strncmp function and main and see their program flow, however I am not understanding how the program jumps to ptrace? Any help will be appreciated
Found anti debug trick so not the X password but the longer should be right t33l0 after that there is a strncmp that should give the right password, but I can’t figure out what’s going on, found something interesting (do|oxme) but can’t really understand what’s the point, any advice?
Most of these “hints” on the forum are all dead ends and rabbit holes.
I used Ghidra for a quick decompile of the main function and IDA for debugging. The code changes at runtime. Look at code “around” where the input password prompt is. Hopefully that helps.
What is the anti debugging trick that causes gdb to only run the program once, then emit:
“No executable file specified.
Use the “file” or “exec-file” command.” ?
I tried hooking p**** in various ways using LD_***, didn’t do any good.
I too have more success with radare2, but I’d like to be able to run it in gdb.
After reading here, it doesn’t seem like everything has troubles with the anti debugging, so I’m not sure if this is intended to be part of the challenge or not, and either way a hint on that would be nice, unless that indeed is the whole challenge.
I solved it but I am curious why this happens. Can anyone shed light on this matter?
@21stofjuly , I worked on this like 5 months ago and can’t remember the exact details, however while executing the file it will make a JMP call to address (I think 0xF) which causes the segmentation fault. It could be the reason. If someone has other thoughts please let us know.
Using radare2 I am able to find strncmp function and main and see their program flow, however I am not understanding how the program jumps to ptrace? Any help will be appreciated
If you look at the program header table in the ELF file you will see a DYNAMIC program header. Issuing readelf --dynamic will show you the address of the .init_array section. This section contains constructor functions that will be called before main. One of those functions calls ptrace.
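
The lookup described in the answer above (DYNAMIC program header, then the .init_array address, then the constructor pointers), as an added example that is not part of the original thread. It assumes a 64-bit little-endian ELF whose array entries are stored in the file (in a PIE they may only be final after load-time relocation); `init_array_entries` and `build_sample` are hypothetical names, and the sample image is constructed, not the challenge binary.

```python
import struct

PT_LOAD, PT_DYNAMIC = 1, 2
DT_NULL, DT_INIT_ARRAY, DT_INIT_ARRAYSZ = 0, 25, 27

def init_array_entries(elf: bytes) -> list:
    """Constructor addresses from DT_INIT_ARRAY of a 64-bit little-endian ELF."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a 64-bit little-endian ELF")
    e_phoff, = struct.unpack_from("<Q", elf, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x36)
    loads, dynamic = [], None
    for i in range(e_phnum):
        p_type, _, p_offset, p_vaddr, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", elf, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            loads.append((p_vaddr, p_offset, p_filesz))
        elif p_type == PT_DYNAMIC:
            dynamic = (p_offset, p_filesz)
    if dynamic is None:
        return []  # statically linked or no dynamic segment
    tags = {}
    for pos in range(dynamic[0], dynamic[0] + dynamic[1], 16):
        tag, val = struct.unpack_from("<qQ", elf, pos)
        if tag == DT_NULL:
            break
        tags[tag] = val
    if DT_INIT_ARRAY not in tags:
        return []
    addr = tags[DT_INIT_ARRAY]
    for base, off, size in loads:  # map the virtual address to a file offset
        if base <= addr < base + size:
            count = tags.get(DT_INIT_ARRAYSZ, 0) // 8
            return list(struct.unpack_from(f"<{count}Q", elf, off + addr - base))
    raise ValueError("DT_INIT_ARRAY is not inside any PT_LOAD segment")

def build_sample() -> bytes:
    """Constructed minimal image (not the challenge binary): two constructors."""
    base = 0x400000
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, base + 0x1000, 64, 0, 0, 64, 56, 2, 0, 0, 0)
    load = struct.pack("<IIQQQQQQ", PT_LOAD, 5, 0, base, base, 0x190, 0x190, 0x1000)
    dyn = struct.pack("<IIQQQQQQ", PT_DYNAMIC, 6, 0x100, base + 0x100, base + 0x100, 48, 48, 8)
    table = struct.pack("<qQqQqQ", DT_INIT_ARRAY, base + 0x180, DT_INIT_ARRAYSZ, 16, DT_NULL, 0)
    image = ((ehdr + load + dyn).ljust(0x100, b"\0") + table).ljust(0x180, b"\0")
    return image + struct.pack("<QQ", base + 0x1130, base + 0x1150)

if __name__ == "__main__":
    print([hex(a) for a in init_array_entries(build_sample())])
```

Each returned address is a function the loader runs before main, so those are the places to disassemble when a call such as ptrace is not reachable from main's own control flow.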