SpookyPass

Extracted STRINGS to steal password.

Link

Room Link


Process


They’re coming to get you, Barbara. That’s right a challenge called SpookyPass.

First up, let’s run file to know what type of file that we are have.

bash 

┌──(kali㉿kali)-[~/Desktop/rev_spookypass]
└─$ file pass  
pass: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3008217772cc2426c643d69b80a96c715490dd91, for GNU/Linux 4.4.0, not stripped


Run the binary to see what it does.

bash 

┌──(kali㉿kali)-[~/Desktop/rev_spookypass]
└─$ ./pass  
Welcome to the SPOOKIEST party of the year.
Before we let you in, you'll need to give us the password: biteme
You're not a real ghost; clear off!


Run strings against the binary. Search the list for the password.

bash 

<snip>

Welcome to the 
[1;3mSPOOKIEST
[0m party of the year.
Before we let you in, you'll need to give us the password: 
s3cr3t_p455_f0r_gh05t5_4nd_gh0ul5
Welcome inside!
You're not a real ghost; clear off!

<snip>


Re-run the program and use the password from strings.

bash 

┌──(kali㉿kali)-[~/Desktop/rev_spookypass]
└─$ ./pass      
Welcome to the SPOOKIEST party of the year.
Before we let you in, you'll need to give us the password: s3cr3t_p455_f0r_gh05t5_4nd_gh0ul5
Welcome inside!
<redacted>