Tracer

So we’re given an exe, tracer to reverse. Disassembling it with objdump -D -Mintel tells us that there’s a strcmp somewhere in main. I set a breakpoint at it and run it in gdb(pwndbg is the extension):

To feel less like a script kiddy, I make sure that my suspicions were correct:

rdi(first arg) holds the pointer to our input("\n" in my case, I just hit enter)
rsi(2nd arg) holds the pointer to string it’s checked against(nactf{…})

rsi holds pointer to flag it’s checked against

*i nspect r egister

and

e x amine s tring, respectively

Tracer

FLAG: nactf{how_even_do_stream_ciphers_work_i_definitely_did_this_wrong}