Reverse-Engineering

A compiled ELF binary hid a hardcoded flag in its read-only data section. The strings utility extracted it without executing a single instruction.

Client-side password validation with per-character SHA-512 hashing. The password was recoverable by brute-forcing each character independently against the hash array exposed in the page source.