dMd (50 pts)

Question:

Flag is : The valid input

Write-Up:

Analyze the file by Trid.

$ ./trid_Linux64 dMd 

TrID/64 - File Identifier v2.20 - (C) 2003-15 By M.Pontello
Definitions found:  5988
Analyzing...

Collecting data from file: dMd
 49.7% (.) ELF Executable and Linkable format (Linux) (4025/14)
 49.4% (.O) ELF Executable and Linkable format (generic) (4000/1)
  0.7% (.CEL) Lumena CEL bitmap (63/63)

So this is an ELF file. let's Run the app. we should find the valid key!

$ ./dmd
Enter the valid key!
123
Invalid key! :(

Analyze the file by IDAPro and reverse the main function by Hex-Rays!

more.

It is very clear that the program requests the valid key and then calculate MD5 of the input and finally compares with 780438d5b6e29db0898bc4f0225935c0. Decrypt the 780438d5b6e29db0898bc4f0225935c0 by MD5Online and get the flag.

DecryptMD5(780438d5b6e29db0898bc4f0225935c0) = b781cbb29054db12f88f08c6e161c199