Shabondy KPMG Cyber Security Challenge 2021

Shabondy is CTF From KPMG Cyber Security Challenge 2021

we use strings Shabondy.exe, but nothing is useful.

we disassemble the program using ida.

after analyze, first box is input password.

and once we enter the right password, the second box is output.

We try to skip the condition, which means that we can input anything and move directly to the flag without checking the password, but first we must assign the address name.

we use Assemble to skip condition to flag by click Edit > Patch Program > Assemble

with this graph we patch the program it skips to the flag after the password is entered.

We start the application, enter any password, and then receive a flag that appears to be encrypted.

UEYM{RTXRY_EUXKIQY}

but we don’t know which algorithm but we get key so we search for “cipher text with key” and found it might be Vigenere Cipher.

we input flag with key and obtained the actual flag.

Pressing F5 on the IDA gives us another choice. By decompiling the code and analyzing the results, we discovered a variable called v20 that contains a text array.

we copy to cyberchef and convert ASCII to Text to obtain the program’s actual password.

KMGPas8M0rP{}$8@b0endW8yKPMR3f3R

Finally, we returned to the default software, entered password, and received the flag.

KPMG{HELLO_PIRATES}