Description

Can you find the password? Enter the password as flag in the following form: HTB{passwordhere}

This executable has a couple of annoying features: an anti-debug check (easy to bypass) and a custom strcmp function, which is more annoying.

Looking at the binary's startup sequence, we can see that two functions run before main:

One of them is a very simple anti-debug mechanism that alters the course of the program:

You can patch the executable or use a debugger to alter the function's execution.

Afterwards you need to be careful about how many arguments you feed the program. The check is made at:

4 arguments are enough (h h h h).

After you pass these checks, another function is created that contains the flag. The flag is XORed with the key 0xA and then compared, all inside the strncmp function. The call to the new main:

The new main with encrypted strings:

Encrypted Flag:

key in fake strcmp:

Flag:
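
The XOR-and-compare scheme described above, as an added example that is not code from the challenge binary. The stored bytes are a constructed sample (not the challenge's data), the function names are hypothetical, and it assumes the compare XORs the input rather than the stored buffer.

```c
#include <stdio.h>
#include <stddef.h>

#define XOR_KEY 0x0A /* single-byte key named in the write-up */

/* Constructed sample, NOT the challenge's bytes: "example_pw" XOR 0x0A. */
static const unsigned char stored[] = {
    0x6F, 0x72, 0x6B, 0x67, 0x7A, 0x66, 0x6F, 0x55, 0x7A, 0x7D
};

/* Hypothetical stand-in for the custom compare: XOR each input byte with
 * the key and compare it to the stored byte. Returns 0 on match, like
 * strncmp. Only the first n bytes are checked, so longer input that
 * starts with the password also matches. */
int fake_strncmp(const char *input, const unsigned char *enc, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (input[i] == '\0')          /* input shorter than the secret */
            return 1;
        if (((unsigned char)input[i] ^ XOR_KEY) != enc[i])
            return 1;
    }
    return 0;
}

/* XOR is its own inverse, so the same key turns the stored bytes back
 * into the plaintext. out must hold n + 1 bytes. */
void xor_decode(const unsigned char *enc, size_t n, char *out)
{
    for (size_t i = 0; i < n; i++)
        out[i] = (char)(enc[i] ^ XOR_KEY);
    out[n] = '\0';
}

int main(void)
{
    char plain[sizeof stored + 1];

    xor_decode(stored, sizeof stored, plain);
    printf("recovered: %s\n", plain);
    printf("compare:   %d\n", fake_strncmp(plain, stored, sizeof stored));
    return 0;
}
```

Because the key and the encoded bytes both ship inside the binary, hiding the comparison in a custom function slows analysis down but does not protect the secret.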