Find the key. (File running at hackquest.ghostintheshellcode.com:7331) Category: exploitation Hint: source binary
Tag: python
Jan 08
GitS 2012 Teaser AL’s Revenge
Category: reverse, crypto Summary: LLVM bytecode with polynomial inversion file
Sep 21
hack.lu CTF 2011 Spy Aboard! (300)
Category: crypto We have a spy aboard! For around 5 minutes ago we intercepted an encrypted transmission to an enemy outpost. It seems like we interrupted the mole in the act because we found an open transmission program on our terminals. We are 100% sure that he sent the position of our fleet to the …
Sep 21
hack.lu CTF 2011 Antique Space Shuttle (300)
Category: exploiting Your command is to get as much information about the crew of an antique space shuttle. We know our acient father used finger as reference point at nc ctf.hack.lu 2003 Summary: bash injection, and buffer overflow on a suid binary to get more privilegies
Apr 27
PlaidCTF 2011 #18 – A small bug (250)
Category: pwnables Get access to the key using /opt/pctf/z1/exploitme. ssh username@a5.amalgamated.biz Username: z1_1 Password: GwB4eivw9NTvCjmobw1EnuyqcWfJs Summary: race condition, create a symlink before the file is opened binary
Apr 26
PlaidCTF 2011 #24 – Calculator (200)
Category: pwnables AED’s summer internship program is notorious for attracting terrible programmers. They’ve resorted to giving them some of the simplest projects to work on. We expect this service that the latest ‘All-Star’ intern worked on all summer is no where near secure. nc a9.amalgamated.biz 60124 Summary: python eval with some filtering
Apr 26
PlaidCTF 2011 #25 – PC Rogue (600)
Category: pwnables Amalgamated has banned the use of Solitaire due to loss of productivity. The only employee who would write a new game for everyone only likes ‘retro’ games, and has placed a text-adventure version of pacman on a company server. We don’t believe he could have coded this securely, and the server contains a …
Apr 04
Nuit du hack 2011 CTF Crypto 300
Crypto300 (150 pts.) source Python source code is very clear and concise, and could sometimes bring out lots of clues. This is particularly true for this challenge. Summary: key exchange algorithm based on permutations (braid based cryptography), has some vulnerabilities
Oct 31
Hack.lu 2010 CTF #16 (Rattlesnake’s Riddle) writeup
Solve this riddle to impress Captain Rattlesnake! download The .pyc file is a byte-compiled python code, and there is a wonderful tool called uncompyle to deal with it. $ decompyle secret.pyc > secret.py The decompyled file: 1. Takes 3 arguments 2. Checks 2nd to be 1337 3. Calculates ‘token‘ value, which is 11111112671 4. After some …