Writeups for Ducky1 & RevEnv from BYUCTF 2023

Published on May 24, 2023 by 0xRar

Writeups CTF Rev

2 min READ

This is our second year of BYUCTF last time we were placed 5th, I don’t normally solve Rev challenges but for this ctf i tried to solve at least the easy ones because of rev players shortage in our team and ended up liking it, so hopefully in future i would be solving these kind of challenges easily!

placement

Ducky1

  • Category: Rev
  • Difficulty: Easy

Description

I recently got ahold of a Rubber Ducky, and have started automating ALL of my work tasks with it! You should check it out!

Solution

For this challenge we are presented with a file: inject.bin, inject.bin is a binary payload made with DuckyScript for the Malicious USB RubberDucky and one of the useful tools for rubberducky users is the ducktoolkit you can try to get what commands and text that were used to create the inject.bin by uploading the binary.
ducky1

Flag: byuctf{this_was_just_an_intro_alright??}

RevEng

  • Category: Rev
  • Difficulty: Easy

Description

See if you can find the flag!

Solution

This challenge is a classic type rev challenge we are givin an executable/ELF64, running the executable will ask for a passphrase to give us the flag this could be really easy and solved just by looking into strings and decoding the passphrase.

┌──(kali㉿rar)-[~/Desktop/byuctf/rev]
└─$ strings ./gettingBetter 
[...]
Incorrect passphrase. Please try again.
Please enter the correct passphrase to get the flag: 
Congratulations! The flag is %s
;*3$"
Xmj%yzwsji%rj%nsyt%f%sj|y

figuring out what kind of cipher it is takes like 10 seconds using dcode.fr’s Cipher Identifier

RevEng RevEng-pass

  • Using gdb(pwndbg):
pwndbg> disassemble main
[...]
   0x00000000000011bf <+70>:	call   0x1319 <check_passphrase>

pwndbg> break check_passphrase
Breakpoint 1 at 0x131d

pwndbg> run
[...]
	*RDX  0x7fffffffdc50 ◂— 'She turned me into a newt'

pwndbg> x/s $rdx
0x7fffffffdc40:	"She turned me into a newt"



┌──(kali㉿rar)-[~/Desktop/byuctf/rev]
└─$ ./gettingBetter
Please enter the correct passphrase to get the flag: She turned me into a newt
Congratulations! The flag is byuctf{i_G0t_3etTeR!_1975}

Flag: byuctf{i_G0t_3etTeR!_1975}

Thank You For Reading ❤