ben-sb@home:~$

  • Using Symbolic Execution to Devirtualise a Virtualised Binary

    Today I will be discussing a sample binary which features virtual machine obfuscation, an obfuscation technique where the source code is compiled to a custom bytecode language and executed by an interpreter for this language. I will not be covering the basics of how VM obfuscation works; if you would...

  • Deal or No Deal: Graphing a Binary Rev Challenge

    This post will describe solving a challenge from BYU Capture the Flag 2024. The challenge was called Deal or No Deal and was in the rev category. A compiled Rust binary is provided. Binary Ninja wasn’t great at handling this sample, so I used Ghidra instead. Following the entry point...

  • Reversing a Broken Rust Binary

    This post describes reverse engineering a Rust binary from the rev section of TBTL Capture The Flag 2024. The challenge is named Safe Rust and provides a compiled Rust program. The challenge description indicates that the program “isn’t functioning properly”, and indeed when we run it we get the message...

  • Template Virtualisation Obfuscation

    Today I’ll be discussing an interesting challenge from the rev category of University of Maryland Capture The Flag 2024. The challenge is named Typecheck and is accompanied by the cryptic description “My C++ code won’t type check. Can you fix that for me?”. Two files are provided: main.cpp and templates.cpp....