Challenge 36 ☆☆☆☆☆

Welcome to challenge 36. You need to guess the secret that is hidden in Java, Docker, Kubernetes, Vault, AWS or GCP.

Binaries without plaintext strings

We still hear developers introducing tricks and obfuscation to hide a secret in a binary. What if we strip symbols? What if we encrypt the secret? These challenges can make it harder to find the hidden secret, but not impossible.

[@roddas]( contacted us with a "new fun binary" where he encrypted the secret, wondering if we could make use of it. This was precisely the type of challenge you should be trying out! So we asked him to create a challenge out of it and solve it. He solved it with GDB and Radare2, which taught him much about reverse engineering! Can you do the same?

The challenge file is called wrongsecrets-advanced-c and can be found in many flavors in the executables folder.

Answer to solution :

Why should we be careful with the constants declared in the program?

Constants are fixed values useful for storing values that don’t need to change during program execution. During the reverse engineering process, binary exploration is a technique that consists of extracting the maximum amount of information from the binary to understand the logic of the program. However, some crucial information must be encrypted in such a way as to make said information challenging to read.

This shows that even encryption will slow an attacker down but not block him from finding the crucial information. Therefore, consider putting the crucial information online instead of only secured by offline encryption.