🧛
Acaard
  • WHOAMI
  • writeups
    • HTB Boxes
      • Headless (Easy)
      • Codify (Easy)
      • Builder (Medium)
      • Usage (Easy)
      • Sightless (Easy)
      • Cicada (Easy)
      • Yummy (Hard)
    • TuxCTFv2
      • Vampires Checker (Reverse)
      • wannaGOwithme (Reverse)
      • TuxHouse (Machine)
      • The Lair (web)
      • Die Todten (OSINT)
  • 💻Random but useful
    • Tmux
    • CPTS Review
Powered by GitBook
On this page
  1. writeups
  2. TuxCTFv2

wannaGOwithme (Reverse)

wannaGOwithme solution (easy).

PreviousVampires Checker (Reverse)NextTuxHouse (Machine)

Last updated 5 months ago

We see a binary, which is probably written in GO, because of the question's name, running it only give us the following:

./wannaGOwithme 

luv u ^_^

Let's open it in Ghidra:

Checking the functions, we see the main, and a function called "solve", which has an array called DAT_00480d68 and first character is it t which can hint us towards the flag, so checking the array in the assembly view in Ghidra we see:

We see the flag is stored there in hex, and being rendered, so we can just copy the whole thing (copy "byte string"), and put it in CyberChef to convert to ASCII and remove null bytes:

Functions in Ghidra
Showing the array
The flag