Possibly Related Threads…

Jesta81 · Oct 25, 2023, 05:36 PM

(Oct 21, 2023, 09:16 PM)cutearmadillo Wrote:
(Oct 21, 2023, 03:26 PM)Jesta81 Wrote: Any help with root part would be greatly appreciated. I can see the following main func for doodle in Ghidra but unsure where to go from here?

undefined8 main(void)

{
int iVar1;
long in_FS_OFFSET;
char local_58 [16];
char local_48 [56];
long local_10;

local_10 = *(long *)(in_FS_OFFSET + 0x28);
setenv("PATH","",1);
setuid(0);
setgid(0);
puts(
"[!]Caution this tool still in the development phase...please report any issue to the developm ent team[!]"
);
puts("Enter Username:");
fgets(local_58,0x10,(FILE *)stdin);
sanitize_string(local_58);
printf("Enter password for ");
printf(local_58,0x10);
puts(":");
fgets(local_48,400,(FILE *)stdin);
sanitize_string(local_48);
iVar1 = strcmp(local_58,"moriarty");
if (iVar1 == 0) {
iVar1 = strcmp(local_48,"findMeIfY0uC@nMr.Holmz!");
if (iVar1 == 0) {
puts("Welcome...!");
main_menu();
goto LAB_0040231e;
}
}

You use the information you've posted to bypass the auth on the binary and then check the rest of the code in ghidra. There are a lot of hints in this thread

Thank you for the nudge...got it!! Much appreciated!!

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	369	91,704	5 hours ago Last Post: sabbyahmed
	[FREE] HackTheBox All Cheatsheets	Tamarisk	2	339	Today, 08:19 AM Last Post: hibreackignos
	CBBH Write Ups	hiddenhacker	22	6,206	Today, 06:39 AM Last Post: Usercomplex
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	86	7,787	Yesterday, 11:39 PM Last Post: my4ri0d0
	rev_dudidudida	cavour13	1	246	Yesterday, 12:25 AM Last Post: 0xcreep