Hey, today I am going to write an article about reversing a stripped binary. A stripped binary is one whose symbol table (function and variable names, and any debugging information) has been removed, for example with the strip tool or the linker's -s flag. It is smaller and gives the reverser fewer hints, but it does not run faster: symbols are never loaded at run time, so stripping changes nothing about execution.
As the file command shows, it is a stripped binary. Now open the file in gdb and run it.
As you can see, it asks for a key that we don't have. Entering any random input gives us a "wrong key" message. Now let's find the entry point. Type "info file" and press enter.
The output lists the entry point. Set a breakpoint at that address with "break *address", then run; the program stops at the breakpoint. Type "x/200i $rip" to see the instructions from there. Note that the entry point is _start, not main: on x86-64 it loads the address of main into rdi before calling __libc_start_main, so that is where to find the real program logic.
Now you can see the assembly dump. Go through it to get an idea of the logic. The program takes a string as input. If it matches, the program reads an integer and an if-statement compares it with a constant. If that is true, the program goes through another similar if-statement, and the process repeats four times in total. Now let's get to the reversing.
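To practise the walkthrough on something you can build yourself, here is an added reconstruction in C of the logic described above. It is not the original challenge binary: the key "secret", the prompt text and the success message are assumptions, while "wrong key" and the constants 1, 7, 8 and 5 are the ones the article finds in the assembly. Build it stripped with "gcc -O0 -fno-pie -no-pie -s crackme.c -o crackme" and the strcmp call, the test of its result and the four compares are what you will see in gdb.

```c
/* Added example: reconstruction of the described crackme, not the original binary. */
#include <stdio.h>
#include <string.h>

#define SECRET_KEY "secret"   /* assumed placeholder; the real key is unknown */

/* Returns 1 when the key matches. Even in a stripped binary the call shows up
 * as "call strcmp@plt", followed by a test of eax and a conditional jump. */
int check_key(const char *key)
{
    return strcmp(key, SECRET_KEY) == 0;
}

/* Mirrors the four chained if-statements: returns how many values in order
 * matched the constants found in the assembly (4 means all of them). */
int check_sequence(int a, int b, int c, int d)
{
    if (a != 1) return 0;
    if (b != 7) return 1;
    if (c != 8) return 2;
    if (d != 5) return 3;
    return 4;
}

static int fail(const char *msg)
{
    puts(msg);
    return 1;
}

int main(void)
{
    char key[64];
    int v[4];

    printf("Enter key: ");            /* assumed prompt text */
    if (scanf("%63s", key) != 1)
        return 1;
    if (!check_key(key))
        return fail("wrong key");    /* message quoted in the article */

    /* Four silent scanf calls: no prompt is printed, exactly as the article warns. */
    for (int i = 0; i < 4; i++)
        if (scanf("%d", &v[i]) != 1)
            return fail("wrong value");

    if (check_sequence(v[0], v[1], v[2], v[3]) != 4)
        return fail("wrong value");

    puts("Correct!");                 /* assumed success message */
    return 0;
}
```

With -O0 the four compares stay as separate "cmp DWORD PTR [rbp-...], imm" instructions, so the constants are readable straight from the disassembly, which is what the article relies on.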
Set a breakpoint at the conditional jump that follows the strcmp call.
Then continue the program execution. Now we are going to change the zero flag bit (ZF) of the eflags register to 1. strcmp returns 0 when the strings match, and the code tests that result before jumping, so ZF set is the state the program is in when the key is correct.
The zero flag is bit 6 of eflags (counting from bit 0, the carry flag), so first define a gdb convenience variable: "set $ZF=6".
Then set that bit in the register with this command: "set $eflags |= (1<<$ZF)".
You can see ZF is now listed in the eflags register ("info registers eflags" shows it in the [ ... ] flag list). Now continue the program. What we have done is force the zero flag to 1, so the conditional jump takes the path the program takes when the key matched. This only works because we are stopped exactly on the jump: any cmp or test instruction executed after our change would overwrite eflags and undo it.
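The bit arithmetic behind "set $eflags |= (1<<$ZF)", as an added example that is not from the original article: helpers that set, clear and test ZF in a saved eflags value, plus a renderer that prints the flag list the way gdb's "info registers eflags" does, so you can check that the value you expect is the one gdb will show. Only the documented status and control flags are named; reserved bits (such as bit 1, which is always set) are ignored, as gdb ignores them.

```c
/* Added example: eflags bit manipulation, matching the gdb commands in the text. */
#include <stdio.h>
#include <stdint.h>
#include <string.h>

#define ZF_BIT 6   /* zero flag is bit 6; bit 0 is the carry flag */

uint64_t set_zf(uint64_t eflags)    { return eflags |  (1ULL << ZF_BIT); }
uint64_t clear_zf(uint64_t eflags)  { return eflags & ~(1ULL << ZF_BIT); }
int      zf_is_set(uint64_t eflags) { return (eflags >> ZF_BIT) & 1; }

/* Status and control flags in bit order, using gdb's names. */
static const struct { int bit; const char *name; } FLAGS[] = {
    {0, "CF"}, {2, "PF"}, {4, "AF"}, {6, "ZF"}, {7, "SF"},
    {8, "TF"}, {9, "IF"}, {10, "DF"}, {11, "OF"},
};

/* Writes "[ PF ZF IF ]" style text into buf (like gdb's eflags display) and returns buf. */
char *describe_eflags(uint64_t eflags, char *buf, size_t len)
{
    size_t used = 0;
    used += (size_t)snprintf(buf + used, len - used, "[");
    for (size_t i = 0; i < sizeof FLAGS / sizeof FLAGS[0] && used < len; i++)
        if ((eflags >> FLAGS[i].bit) & 1)
            used += (size_t)snprintf(buf + used, len - used, " %s", FLAGS[i].name);
    if (used < len)
        snprintf(buf + used, len - used, " ]");
    return buf;
}

int main(void)
{
    /* Constructed value: a typical user-mode eflags after a non-matching strcmp
     * (bit 1 reserved, IF set, ZF clear). */
    uint64_t before = 0x202;
    uint64_t after  = set_zf(before);   /* same effect as: set $eflags |= (1<<$ZF) */
    char buf[64];

    printf("before: 0x%llx %s\n", (unsigned long long)before,
           describe_eflags(before, buf, sizeof buf));
    printf("after:  0x%llx %s\n", (unsigned long long)after,
           describe_eflags(after, buf, sizeof buf));
    return 0;
}
```

Running it shows 0x202 [ IF ] turning into 0x242 [ ZF IF ], which is the change you should see in gdb after the set command.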
If you see this, don't panic. Nothing is printed here, but it is a scanf call waiting for input. Now let's take a look at the assembly.
Here you can see the value is compared with 1, so we will input 1 in the program.
After this we get another silent scanf call. Look in the assembly code and you will see that the remaining values to enter are 7, 8 and 5. Enter them correctly and you will see this output.
That's it. We cracked the binary. If you follow these steps you can crack a basic stripped binary.