Reverse Engineering w/GDB and Ghidra! | picoCTF 2022 #08 'Keygenme'

Nice demo! GDB is so sweet. Radare has always been my goto for reversing but I'm trying to experiment with Ghidra so a straight example like this was awesome. Also, thanks for not being obnoxious. I'll gently place a like and subscribe on this channel.

theadorelogon

Thanks! I have never used gdb (or ghidra) before, and with your help I managed to do my first reverse-engineering assignment for my university! :)

Meodoc

Your videos are totally underrated. This is pure gold for getting started. Thanks for the walkthrough. Stumbled across your channel when looking for "reverse engineering assembly" videos :) Please keep it up and keep uploading. Following!

womacko

Renaming things to make sense of the code flow was common, even back in the days with SoftICE before you had a GUI. Also though, rather than going into that function and Reversing it, you could just set its return value to the one you want without even messing with the logic in the function it enters.

aurinator

Awesome video. I was looking for Ghidra introduction video because I'm new to it and then found yours.
I didn't expect to have a great introduction to gdb too! It's not only helpful but also motivative. Thank you.

kromaki

I'm a complete noob when it comes to RE, but I understood most of this. Good job!

PerJensen-kr

This was super helpful man thanks a lot

skrillyvito

I really wish debug in ghidra was not so complicated. It could probably rival x96dbg, which I really really miss in linux, as no amount of gefs make gdb comfy for common operations

etopowertwon

I was select all variable and retype to char[x] char it worked.

axionet_dev

Hello, can i ask you why you can't find these values that the executable pushes onto the stack via Ghidra and you have to execute it via GBD and print them before returning? Where are these values coming from if they are not hardcoded somewhere? Are they obfuscated?
--edit
watching it again i see the MD5 uses the flag_pieces, which are hardcoded values, so theoretically you can reproduce this section of code and find the rest of the flag without GDB? I guess GDB is faster in this case, but i was wondering if there is something more i am missing.

nyxon_x

Do you have any guides for learning reverse engineering. The tools that you use and or the paths tat you recommend

rrkatamakata

If not then why not select the arch and mode directly insted of selecting windows executable for .exe files ?

MouatassimMajhoul

I really respect you and your hacking skills. Thanks for the video.

坂井正樹-gy

can you do reverse engineering state of survival using ghidra ?

muhammadziyad

Johnson George Jones Matthew Johnson Dorothy

XnndjehdhkNxndjhds