back2skool-3fbcd46db37c50ad52675294f566790c777b9d1f: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, stripped This is the binary for MathServ, “The one-stop shop for all your arithmetic needs”. $ nc localhost 31337 __ ___ __ __ _____ / |/ […]
This is the next level of Folly, the multi-level challenge from the Ghost in The Shell CTF. Note: I couldn’t complete this level during the CTF because of issues in getting my Debian Lenny and Squeeze qemu-system-arm images working with the Folly binary. I ended up blind coding the ARM […]
folly-b2632babf6ce9c2378630e364150ee2c84f47b73: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, stripped Folly was a multi-level challenge from the Ghost In The Shell Code CTF. This Write-up is for Level 2 based on the X86 architecture. It’s a sample text-game like this: $ […]
shiftd-3a9c2a55e77d1467ee46dfb931170c737d24f310: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, stripped Shiftd is an interesting X86_64 challenge combining information leak and exploitation. There is an hard-coded password for access to the service, then the binary asks you for your name and how you […]
funnybusiness-fb84813ddd932f6aceee0ed3a4e9f1e0a7082dc1: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, stripped After reversing this ELF32 binary, when we reconstruct the following connection handler: int __cdecl handler(int sock_fd) { int z_code; char zlib_input_buffer; strm.zalloc = 0; strm.zfree = 0; […]