This binary asks for a number and a string and outputs it. While playing with value, we notice a negative number for the number will crash the program. $ nc 58.229.122.22 6666 Input Num : 32 Input Msg : TOTO Reply : ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`TOTO $ nc 58.229.122.22 6666 Input Num : […]
back2skool-3fbcd46db37c50ad52675294f566790c777b9d1f: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, stripped This is the binary for MathServ, “The one-stop shop for all your arithmetic needs”. $ nc localhost 31337 __ ___ __ __ _____ / |/ […]
This is the next level of Folly, the multi-level challenge from the Ghost in The Shell CTF. Note: I couldn’t complete this level during the CTF because of issues in getting my Debian Lenny and Squeeze qemu-system-arm images working with the Folly binary. I ended up blind coding the ARM […]
folly-b2632babf6ce9c2378630e364150ee2c84f47b73: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, stripped Folly was a multi-level challenge from the Ghost In The Shell Code CTF. This Write-up is for Level 2 based on the X86 architecture. It’s a sample text-game like this: $ […]
shiftd-3a9c2a55e77d1467ee46dfb931170c737d24f310: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, stripped Shiftd is an interesting X86_64 challenge combining information leak and exploitation. There is an hard-coded password for access to the service, then the binary asks you for your name and how you […]
funnybusiness-fb84813ddd932f6aceee0ed3a4e9f1e0a7082dc1: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, stripped After reversing this ELF32 binary, when we reconstruct the following connection handler: int __cdecl handler(int sock_fd) { int z_code; char zlib_input_buffer; strm.zalloc = 0; strm.zfree = 0; […]
Gadget was an electronic challenge at the Atast CTF. You get a schematic design for ISIS and .hex file for the PIC16F CPU. I choose to use the evaluation version of PIC Simulator just to visualize what this design was about: When you run the program, the 8 LEDs will […]
Description Are you 31337? Get your credentials checked here 94.45.252.242:1024 $ nc 94.45.252.242 1024 ID&PASSWORD 1337NESS EVALUATION Please enter your username and password User: aXs Password: toto u r not s0 1337zz!!! After some work in your favorite debugger, we can work with the reversing of our little binary: char […]
Mr. Menhall has invented his own encryption algorithm and promised to give the flag to anyone who manages to decipher the message: vWsMajX21l6BdKwDxaRA3utqhpvFL0V= def hashcrypt(msg, key): token = hashlib.sha1(key).digest() res = "" for c in msg: n = ord(c) ^ […]
We were able to intercept a suspicious file. This is an archive of correspondence between leading cryptographers of hostile organization. According to the agents’ data, during the conversation one of the respondents accidentally uses a file that is added as trusted to all computers of the organization. Their antivirus software […]