kilbouri/rootme

Solutions, scripts, and working files for solving rootme challenges. Emphasis on reverse engineering ("cracking") and static analysis.

My working files and solutions to rootme puzzles, with an emphasis on reverse engineering ("cracking") and static analysis.

Software Used

• Python 3.12
• Hex-Rays IDA Free
• Cutter
• ILSpy

Useful Documents

• x86 ISA reference - coder32
• x86_64 ISA reference - coder64
• ARM ISA reference - arm-cheatsheet by oowekyala

Cracking

The cracking/ folder contains solutions to the cracking puzzles on rootme.org. These puzzles generally involve static analysis of an executable, deobfuscation, and other reverse engineering.

In general:

• flag.dat is the final flag used to complete the challenge
• note.md, if present, may contain notes about how the flag was obtained (such as specific commands used)
• *.i64, if present, contains the final state of the IDA Free disassembly of the input
• *.rzdb, if present, contains the final state of the Cutter disassembly of the input
• Additional scripts, if present, are usually written in Python 3 and would have been derived from IDA pseudocode or assembly