Expertise gained during Capture The Flag competitions to support the security research community
Last week our CTF team took second place in the hack.lu competition. The competition was part of Hack.lu 2016 – an open convention / conference where people can discuss about computer security, privacy, information technology and its cultural / technical…
Points: 150 Category: PWN Description You are still trying to get code execution on your own? Hahaha. There is an app for that! We are now introducing Remote Code Execution as a Service (RCEaaS). Pro tips: +[--->++<]>.++++[->++++<]>+.++++++++++.----------.+++++++++++.[---->+<]>+++.-[--->++<]>--.++++++++++++..----.[-->+<]>++.-----------..[--->+<]>+++.[--->+<]>.--------.[->+++++<]>--.+[--->+<]>++++.++++++.[--->+<]>-----.---[->++<]>.++[--->++<]>+.>++++++++++. Flag is at A:\FLAG.TXT…
Points: 50 Category: re Description I found this onion in my kitchen, may I ask you to dissect it? https://www.youtube.com/watch?v=LowwCyZHBBk download Solution The file we downloaded is an ELF 64-bit executable. First, let’s try running it:
|
1 2 3 |
$ ./zwiebel Input key: hxp{test} :( |
Link: https://score.ctf.westerns.tokyo/problems/38 (only for logged in users) Points: 300 Category: forensic, PPC Description The stupid RAID NAS fails after two disks are crashed. Please rescue our exploit source code. Incomplete RAID emulator is attached. defective-raid.7z tl;dr Provided archive contains custom RAID implementation…
Link: https://score.ctf.westerns.tokyo/problems/5 (only for logged in users) Points: 50 Category: forensic, warmup Description Today, our 3-disk NAS has failed. Please recover flag. deadnas.7z Hint 1: The NAS used RAID. Hint 2: RAID-5 Solution
|
1 2 3 4 5 6 7 8 9 10 11 12 |
$file disk* disk0: DOS/MBR boot sector, code offset 0x3c+2, OEM-ID "mkfs.fat", sectors/cluster 4, root entries 512, sectors 2048 (volumes <=32 MB) , Media descriptor 0xf8, sectors/FAT 2, sectors/track 32, heads 64, reserved 0x1, serial number 0x867314a9, unlabeled, FAT (12 bit) disk1: ASCII text disk2: data $ ls -lh 512K disk0 12 disk1 512K disk2 $ cat disk1 crashed :-( |
From above output we know that disk1 is missing.…
Link: https://score.ctf.westerns.tokyo/problems/22 (only for logged in users) Points: 100 Category: Misc Description Find the flag. This problem is not image based on steganography. tl;dr Take data from IDAT chunk, decompress it and grep for TWCTF. Solution explanation The first step…
Description Host : pwn2.chal.ctf.westerns.tokyo Port : 16317 Note: To prevent from DoS attacks, output length is limited in 131072 characters. As always our task is to obtain the flag on the remote server and as always we will try to…
Last weekend our team won the IceCTF contest! Link to full ranking ceCTF is a computer security contest targeted at anyone with an interest in computer science. Held by the icelandic team cRUcible, the contest gathered over 1690 teams from…
Link: https://wargame.whitehat.vn/Challenges/DetailContest/136 Author: WhiteHat Wargame Points: 100 Category: pwn Description ssh [email protected] 1094 68bZ$wRn Resources the binary (gzipped) Walkthrough part 1 We have been given shell access to a remote machine. The pwnguest user was extremely limited – no access…
Link: https://wargame.whitehat.vn/Challenges/DetailContest/143 Points: 200 Category: Forensics Description http://material.wargame.whitehat.vn/contests/11/for1_206e72e52f2f73fa1a1080b70d528657.zip nc 118.70.80.143 7337 tl;dr https://codisec.com/veles/. Zip archive containing disk image. Mount it with ntfs-3g. There is a binary file and after looking for deleted files you can also find a .pyc file. Turns out the…