Skip to content
/ Rainfall Public

CTF like project to introduce us to reverse engineering with binary analysis

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

alexandre-hallaine/Rainfall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

76 Commits

bonus0

bonus0

 
 

bonus1

bonus1

 
 

bonus2

bonus2

 
 

bonus3

bonus3

 
 

elf

elf

 
 

files

files

 
 

level0

level0

 
 

level1

level1

 
 

level2

level2

 
 

level3

level3

 
 

level4

level4

 
 

level5

level5

 
 

level6

level6

 
 

level7

level7

 
 

level8

level8

 
 

level9

level9

 
 

README.md

README.md

 
 

Repository files navigation

RainFall

rainFall

42 project which aims to introduce us to reverse engineering.

RainFall is an ISO challenge slightly more complex than SnowCrash. You will have to dive deep into reverse engineering, learn to reconstruct a code, and understand it to detect faults. Will you reach the last level?

Since this is the second project of the security branch, we will be using the knowledge we acquired in the previous project, SnowCrash.

Foreword

Vision

For this project, we tried our absolute best to make our source files as accurate as possible. However, we couldn't always have the exact assembly code as the original binary. The following sources whom are not exactly the same as the original binary are:

Although the source code is not exactly the same as the original binary, it still works the same way and will allow you to solve the challenge.

If you are able to make the source code more accurate, please feel free to open a pull request.

We, sometimes, provided multiple solutions to a challenge. Simply because we thought it would be interesting to show different ways of solving a challenge. We're aware that we are missing a lot of solutions, but that was not the goal of this project.

Flags

In this project, you will need different flags for gcc to compile your own source code so that it matches the original binary. We have provided those flags at the top of every source.c file. However, let us remind you of them here:

  • -fno-stack-protector : Disable stack canaries
  • -z execstack : Allow execution on the stack (NX bit disabled)
  • -z norelro : Disable RELRO (Relocation Read-Only)

I've ignored some flags that are not useful or already enabled by default. Here is the default security flags for gcc:

level0@RainFall:/tmp$ gcc main.c
level0@RainFall:/tmp$ checksec --file a.out
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      FILE
Partial RELRO   Canary found      NX enabled    No PIE          No RPATH   No RUNPATH   a.out

Tools

We only used GDB for this project.
We heavily recommend you to stick to reading the assembly code and understanding the stack with your own head, it will not only be much more rewarding, but it will also help you understand the concepts better.

You could also not use any buffer overflow pattern generator for the more advanced of you.

MADE WITH LOVE BY :


Alexandre Hallaine (ahallain)
Intra 42
Assxios (droge)
Intra 42

About

CTF like project to introduce us to reverse engineering with binary analysis

Topics

security reverse-engineering gdb rainfall 42 ft 42cursus

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages