[GhostRed CTF - Owasp Israel 2017] Old School Cool
Writeup by blvckp
At first we need to check if the executable was packed with a packer of some sort.
I’ll use “DetectItEasy” for this check:
Nice, the executable isn’t packed!
It’s now time for RE, let’s use IDA Pro. (I use the newest version - 7.0)
When I try to RE something I always open the “Strings window” first, to find some helpful messages which can have xrefs for important functions.
[Read More]