W4505 Capture the Flag V

	Coming Soon
	This page will serve as a writup for the CTF V competition problems.

Reverse Engineering[edit]

Stacktastic[edit]

[100 Points] Wth do push and pop mean??? Could you help me out and tell me what the stack will look like (from bottom to top) after this runs.
Hint: The flag is the elements on the stack from bottom to top, wrapped in ahsCTF{}

The challenge also provides the file stacktastic.asm.

When opening stacktastic.asm in a text editor, we see the following assembly code:

section	.text
	global _start
_start:
	push s
	pop ecx
	push s
	push t
	push h
	push i
	pop ecx
	pop ecx
	push a
	push a
	pop ecx
	push c
	push k
	pop ecx
	push u
	pop ecx
	push k
	push s
	push _
	push _
	pop ecx
	push r
	push r
	pop ecx
	push _
	push c
	push o
	push o
	push _
	pop ecx
	pop ecx
	push o
	push l
	
	;;; printing stack
	; code used to print stack has been redacted
	
	;;; exit program
	mov	eax, 1
	int	0x80

;;; constants
section .data
a db 'a'
b db 'b'
c db 'c'
d db 'd'
e db 'e'
f db 'f'
g db 'g'
h db 'h'
i db 'i'
j db 'j'
k db 'k'
l db 'l'
m db 'm'
n db 'n'
o db 'o'
p db 'p'
q db 'q'
r db 'r'
s db 's'
t db 't'
u db 'u'
v db 'v'
w db 'w'
x db 'x'
y db 'y'
z db 'z'
_ db '_'

Prerequisate: https://en.wikipedia.org/wiki/Stack_(abstract_data_type)

This code seems to define some constants that represent letters of the alphabet. These constants are later pushed on and popped off the stack using the push and pop instructions. The ecx after the pop instructions refers to the ecx register of where to store popped data. We can manually figure out what the stack will look like after this code runs by typing whatever characters are pushed in a text file, and clicking backspace upon a pop. We get "stacks_r_cool". We can wrap this in the flag wrapper to get ahsCTF{stacks_r_cool}.