Taha Azzaoui

The Binary Bomb: Part 0

2017/12/20

Introduction

The binary bomb is this reverse engineering exercise written by these two dudes at CMU who basically wrote the bible on computer architecture (seriously, what a fantastic book): Randal Bryant and David O’Hallaron. You can find the bomb here.

I had to complete the lab as part of a course but I learned enough along the way that I figured I’d write up the steps I took to solve it.

Note:

The binary was compiled on a 32-bit machine, so you’ll need access to a 32-bit processor to run it (or enable multilib if you’re on Linux; not sure how this works in Windows land). Otherwise, you can always say screw it and install a 32-bit Ubuntu image using VirtualBox.
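Since the note above hinges on the binary being 32-bit, it is worth confirming that before you chase a "cannot execute binary file" error around. `file bomb` will tell you, but the check is also cheap to do by hand from the ELF identification bytes. The script below is an added example, not part of the original post or the CMU lab: `elf_class` and `write_sample_header` are names I chose, and the headers it writes are constructed sample data (just the 16-byte e_ident), not runnable programs.

```shell
# Added example: decide whether a file is a 32-bit or 64-bit ELF by reading
# the e_ident bytes directly (needs only head, tail, od and tr).

# elf_class FILE -> prints "32", "64" or "not-elf" (non-zero exit for the last).
elf_class() {
  # Bytes 0-3 must be the ELF magic: 0x7f 'E' 'L' 'F'.
  magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
  if [ "$magic" != "7f454c46" ]; then
    echo "not-elf"
    return 1
  fi
  # Byte 4 (EI_CLASS) is 1 for ELFCLASS32 and 2 for ELFCLASS64.
  class=$(head -c 5 "$1" | tail -c 1 | od -An -tu1 | tr -d ' \n')
  case "$class" in
    1) echo "32" ;;
    2) echo "64" ;;
    *) echo "not-elf"; return 1 ;;
  esac
}

# write_sample_header BITS FILE -> writes a constructed 16-byte ELF e_ident
# (magic, EI_CLASS, EI_DATA=1 little-endian, EI_VERSION=1, 9 zero bytes).
# This is sample data for testing elf_class, not an executable.
write_sample_header() {
  case "$1" in
    32) cls='\001' ;;
    64) cls='\002' ;;
    *) return 1 ;;
  esac
  printf '\177ELF'"$cls"'\001\001\000\000\000\000\000\000\000\000\000' > "$2"
}

# Demo: classify a constructed 32-bit header, then the current shell binary.
demo=$(mktemp)
write_sample_header 32 "$demo"
echo "constructed sample: $(elf_class "$demo")-bit"
rm -f "$demo"
```

For the real bomb, run `elf_class ./bomb` (or simply `file ./bomb`); if it reports 64 or not-elf, you have the wrong file, and if it reports 32 on a 64-bit host, multilib or a 32-bit VM is the fix the note describes.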

How it works

The idea is pretty simple: the bomb is the resulting binary of an intentionally obfuscated program originally written in C. It has a sequence of six phases, each of which expects the input of a specific string via stdin. If the string is correct, the phase is "defused", at which point we’re allowed to move on to the next phase. Otherwise, the bomb "explodes" (outputs "BOOM!!!" to stdout) - scary stuff. Every time the bomb explodes, we have to restart from the initial phase. The goal is to get through all six phases without an explosion.

Our toolbox

I’ll be using Linux here (obviously), along with some basic GNU tools you can find on any distro.

Here’s a list:

  1. The GNU Debugger (GDB)
  2. objdump
  3. strings

Click here for Phase I