Pierre Gaulon

Pierre Gaulon Github pages

View on GitHub

[Reverse] Ghost Wrangler

Again, a binary is provided. Running strings against it reveals a mangled string.

$ strings ghost
[...]
[GQh{'f}g wLqjLg{ Lt{#`g&L#uLpgu&Lc'&g2n%s
[4m%*.c
[24m| I've managed to trap the flag ghost in this box, but it's turned invisible!
Can you figure out how to reveal them?

Using Ghidra to inspect the get_flag function, we notice that a XOR (^) is used, and that the key is 0x13.

xor

We can thus use the XOR encrypted string and the key to recover the flag, for instance using DCode

decode