Posted on May 19, 2022
tl;dr: buffer-overflow


Each challenge had a story tied to it, for this challenge it was:

D12 is one of Golden Fang’s missile launcher spaceships. Our mission as space pirates is to highjack D12, get inside the control panel room, and access the missile launcher system.
To achieve our goal, we split the mission into three parts. In this part, all we need to do is bypass the scanning system and open the gates so that we proceed further.

Attack the challenge

unzip the file and start analyzing.

sudo apt install -y gdb gdb-peda  

Look at the included history file:

$ cat .gdb_history  
b main  
disass main  
disass open_door  

try to run the program and see how it behaves

gdb sp_challenge  
2 (enter password)  

this will crash the program and get the fake flag.

try the same procedure on the remote server, and get the flag

[+] Door opened, you can proceed with the passphrase: HTB{th3_g4t35_4r3_0p3n!}

Flag: HTB{th3_g4t35_4r3_0p3n!}