[AlexCTF 2017][Writeup][RE1: Gifted]

Download here
Check it using file:

$file gifted

I see

gifted; ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, stripped

It’s a ELF 32 bit file
Load it using ida32
And I see that:

.text:08048562                 push    dword ptr [ebp-0Ch]
.text:08048565                 push    offset aS       ; "%s"
.text:0804856A                 call    ___isoc99_scanf
.text:0804856F                 add     esp, 10h
.text:08048572                 sub     esp, 8
.text:08048575                 push    dword ptr [ebp-0Ch]
.text:08048578                 push    offset aAlexctfY0u_h4v ;
.text:0804857D                 call    _strcmp
.text:08048582                 add     esp, 10h
.text:08048585                 test    eax, eax
.text:08048587                 jnz     short loc_80485A3
.text:08048589                 sub     esp, 0Ch
.text:0804858C                 push    offset aYouGotItRightD ; "You got it right dude!"
.text:08048591                 call    _puts

It store flag in [ebp -0Ch] and compare with aAlexctfY0u_h4v
aAlexctfY0u_h4v = AlexCTF{Y0u_h4v3_45t0n15h1ng_futur3_1n_r3v3r5ing}

So, Flag is AlexCTF{Y0u_h4v3_45t0n15h1ng_futur3_1n_r3v3r5ing}

Flag is a string declare in code. So I can open file giftedusing text editor and search AlexCTF or using strings command in linux to got flag