Diefunction
  • About
  • Vulnerabilities
    • GHSL-2021-023 / CVE-2021-32819
  • BlachatMEA Finals 2024
  • CTF
    • Technology Control Company
      • Athackcon CTF 2021
        • Trust
        • Config
        • Extend
        • Poison
      • Blackhat MEA 2022
        • CTF Setup on Kali linux
        • Careers
        • SOC Complaints
    • Athackcon
      • POLL
    • Cyber Night 3
      • Client Hell
    • BlackHatMEA Quals 2022
      • Spatify
      • PeehPee
      • Meme generator
      • Black notes
      • Jimmy's blog
    • BlackHatMEA Quals 2023
      • Web - Hardy
      • Web - Authy
      • Reverse engineering - light up the server
    • BlackhatMEA Finals 2024
      • PWN
    • BITSCTF - Reverse Mishap
    • Cybernights 2025
      • REVERSE
      • PWN
    • BYUCTF 2025
      • PWN
Powered by GitBook
On this page
  • Solution
  • After Analyzing the server in IDA Pro and Flare CAPA
  • Finding a match string via regex101
  • The Flag

Was this helpful?

  1. CTF
  2. BlackHatMEA Quals 2023

Reverse engineering - light up the server

PreviousWeb - AuthyNextBlackhatMEA Finals 2024

Last updated 3 months ago

Was this helpful?

Solution

After Analyzing the server in IDA Pro and Flare CAPA

The rule detected a regex as obfuscated stack strings

/^([a-z]?[^a-e,g-z])la[g]{(h)0(s)t_\2(e)4d\4(r([_]?[^a-z]))(!)n((j(3))cti0)n(_)1s\6{1}5up3\5c3wl}$/gm

Finding a match string via regex101

The Flag

flag{h0st_he4der_!nj3cti0n_1s_5up3r_c3wl}
Flare capa
Match flag