Friday, December 29, 2017

34C3 Junior CTF

CTF: 34C3 Junior CTF 2017 Challenge: SPI Category: Misc We are given a sound file to listen to, which is a recording of various values. Writing them all down gives us the following: 76 83 48 116 76 105 52 103 76 83 48 116 76 83 52 103 76 105 48 117 76 83 65 116 76 83 48 116 76 105 65 116 76 105 48 117 76 83 52 103 76 83 48 116 76 83 48 103 76...

Sunday, December 17, 2017

InCTF | Web Challenge: Liar

Challenge: Liar Category Web When the site loads, there is nothing on the page except for a message that nothing is on their website--but we know, as the title of the challenge states, this is a big, fat lie. The hint tells us that the site is using some form of VCS, and after some testing, I discovered the site was using Mercurial. Based on...

InCTF | Rev Challenge: Time

Challenge: Time Category Rev Since this was an ARM file I couldn't find a way to run it on my machine, so I stuck to disassembling the binary file with Binary Ninja. Looking at what was going on, I found a big segment of data that definitely looked like it could be important. Working backwards from here, it became clear that the function that...

Saturday, December 9, 2017

SECCON 2017 CTF

CTF: SECCON 2017 Challenge: Run Me! Category: Programming If you immediately recognize this script as something that is familiar to you, you are right! It's a script for getting the nth number of the Fibonacci sequence (with some other stuff for our flag). One problem though--the number we need for the flag is SUPER big and it would take waaaay...

Monday, December 4, 2017

Shellter Hacking Express #18 | Authenticate Me

CTF: Shellter Hacking Express #18 Challenge: Authenticate Me Category: Rev/Pwn This was a pretty neat little rev/pwn challenge. To start, we need to SSH in with the credentials provided. Exploring the directory we are dropped into there is a flag.txt file, but unfortunately we are not root so we can't open it. However, there is also a program...

Sunday, November 26, 2017

TUCTF 2017 | Rev and Pwn Challenges

Challenge: Funmail Category: Rev Running the binary, we are prompted for a username and password. We already know the username, so we need to find out the password. This is easy enough because it is hard coded and can be discovered by running strings on the program. Now we log in with our credentials and read the email, which gives us our flag! Challenge: Funmail...
Subscribe to: Posts (Atom)
Powered by Blogger.