This writeup walks through a simple reverse engineering exercise from session 2 of Introduction to Reverse Engineering with Ghidra. We’re given a binary that expects an unknown key as a command line argument. We’ll use Ghidra to disassemble and decompile it, and then step through the code to figure out what the secret key is.

This challenge is a really basic introduction to reversing Linux programs (ELFs) made up of 6 different mini challenges. Tools we’ll use to solve these include strings, ltrace, and a software reverse engineering tool suite from the NSA known as Ghidra. These are meant to be beginner friendly challenges, although basic knowledge of programming and C is necessary. We won’t be writing any code here, but in the later challenges we’ll read through decompiled C code to solve them.