CSAW Archives - codezen.fr

CSAW 2012 CTF – Exploit 500 Writeup

05/10/2012 aXs

Exploit 500 is the final exploitation challenge for CSAW CTF. It looks like a game asking questions. You get 2 tries per question. .text:08048CF7 buffer1 = byte ptr -4B4h .text:08048CF7 buffer2 = byte ptr -438h .text:08048CF7 answer = […]

CSAW 2012 CTF – Exploit 400 Write-up

04/10/2012 (04/10/2012) aXs

We have a binary with a format string vulnerability: $ nc localhost 23456 What would be the last word you want say before the Mayan Calender ends? Saying: %p %p %p %p Starting count down to the end of the world! 5 4 3 2 […]

CSAW 2012 CTF – Exploit 300 Writeup

03/10/2012 aXs

We have an interesting binary that uses signals to call functions. The most interesting handler is the user input handler: (function names are my own, binary was stripped) .text:080488C8 inputHandler proc near ; DATA XREF: sub_8048A3D+2Bo .text:080488C8 .text:080488C8 s […]

CSAW 2011 OpenGL

26/09/2011 aXs

In this challenge, you get a Windows binary, when you start it it only display a white windows

CSAW 2011 PatchManagement Write-Up

26/09/2011 (26/09/2011) aXs

In this Networking challenge, we get a short tcpdump capture file with a SSH session.

CSAW 2011 Android2 Write-up

26/09/2011 (26/09/2011) aXs

In this challenge we get an Android .apk with a crackme application

CSAW 2011 CrackJack Web6 Write-up

26/09/2011 (26/09/2011) aXs

In this challenge, we need to get administrator credential on someone’s site who loves cat, ajax and getting contact emails. A robot will visit any link you post in the contact form, this robot is at the same time logged in the site’s administrator account.

CSAW 2011 .NET1 Bin200 Write-up

26/09/2011 (26/09/2011) aXs

In this challenge, we get an archive with an encrypted file and an executable that was used to encrypt it. We have to decrypt this file to get the key.