dMd (50 pts)¶
Flag is : The valid input
Analyze the file by Trid.
$ ./trid_Linux64 dMd TrID/64 - File Identifier v2.20 - (C) 2003-15 By M.Pontello Definitions found: 5988 Analyzing... Collecting data from file: dMd 49.7% (.) ELF Executable and Linkable format (Linux) (4025/14) 49.4% (.O) ELF Executable and Linkable format (generic) (4000/1) 0.7% (.CEL) Lumena CEL bitmap (63/63)
So this is an ELF file. let's Run the app. we should find the valid key!
$ ./dmd Enter the valid key! 123 Invalid key! :(
Analyze the file by IDAPro and reverse the main function by Hex-Rays!
It is very clear that the program requests the valid key and then calculate MD5 of the input and finally compares with
Decrypt the 780438d5b6e29db0898bc4f0225935c0 by MD5Online and get the flag.
DecryptMD5(780438d5b6e29db0898bc4f0225935c0) = b781cbb29054db12f88f08c6e161c199