POL1TC@L HOOK
  • Home
  • About
  • Cyber Security
  • Politics
  • Sports
  • Contact

Microcorruption: Level 1 - new orleans

1/16/2019

 
Picture
So this is the beginning of the Microcorruption CTF. It’s a embedded reverse engineering minigame. Please complete the Tutorial if you haven’t already before reading this. I recommend you read the lock manual as well. This will give you a basic understanding of LockIT and MSP430 Assembly.

DISCLAIMER: I’m really not an expert at reverse engineering/ assembly. If you notice a error on my behalf please tell me.

Lets begin

This level is very easy and can be solved in two different ways.
 
1) Check_password Function
First method is by analysing the check password function. Here we can see the compare being used between register r13 (your input) and memory address 0x2400. Going to the memory address reveals the password.



























2) Create_Password Function
 
In the previous method the password was found in memory, this method shows us that the password was actually hard-coded into the assembly and written to memory address 0x2400. 

Picture
​
The first instruction of the function moves r15 to the memory address. The remaining functions write the hardcoded password in. If your new, the hardcoded password is written in hex and highlighted in the yellow box.
 
Password: [mHub71

Comments are closed.

    Archives

    February 2024
    January 2023
    December 2022
    March 2020
    June 2019
    January 2019

    Categories

    All
    Malware
    Privilege Escalation
    Python
    Reverse Engineering
    Splunk

Powered by Create your own unique website with customizable templates.
  • Home
  • About
  • Cyber Security
  • Politics
  • Sports
  • Contact