CSAW Quals 2016 :: Neo :: Crypto 200

Posted by and filed under CSAW Quals 2016.

We start out with just a link and a bit of text, the link points to http://crypto.chal.csaw.io:8001 – though this probably won’t live forever. Once you go to the page, you would probably notice a few things Looks like it’s from the early xp era Seems to be centered around some movie that it’s named… Read more »

HITCON CTF 2016::Handcrafted::Rev-50

Posted by and filed under HITCON CTF 2016.

We were given a python file for this challege After looking at the decompressed data, I realized that the header had been removed, so I compiled a pyc file and got the correct header. Here is my Get_Bytecodes.py I then ran uncompyle2 ,which did not work completely due to some errors with ROT_2…. Read more »

HITCON CTF 2016::Flame::PPC-150

Posted by and filed under HITCON CTF 2016.

This was my first encounter with Power PC, so this challenge was definitely fun learning experience for me. Here is my best attempt at the decompiled source code. There is a global array containing values that are checked against user input. View the rest of this post here.

TUM CTF 2016::lolcpp::pwn-250

Posted by and filed under TUM CTF 2016.

We were given the source code for this challenge. There are two main bugs in this program. First, we have the strip_newline and fgets functions. From the fgets man page: So, if we add a NULL byte at the end of the password, strcpy will see the end of the string but fgets… Read more »

CSAW Qual 2016::Rock::Rev-100

Posted by and filed under CSAW Quals 2016.

There is a struct in this program. Three interesting functions, which I have called init_struct, check_len_and_xor, and is_valid_key See the rest of this writeup here.

CSAW Qual 2016::Warmup::Pwn-50

Posted by and filed under CSAW Quals 2016.

This was a very easy challenge. Basically, there was a win function at the address that is bring printed : 0x40060D. This function can be called with a simple buffer overflow. Here is my Exploit.py Which gave me the flag View the original post here.

CSAW Qual 2016::Sleeping Guard::Crypto-50

Posted by and filed under CSAW Quals 2016.

With this challenge, they gave us an encrypted png. After a bit of trial and error I realized all I had to do was xor the first few bytes of the encrypted file with the standard header of a png. I just downloaded a sample file. Here is my get_key.py Which gave me the… Read more »

MMA CTF 2016::Ninth::Misc-100

Posted by and filed under MMA CTF 2016.

I thought this one was a bit easy for the amount of points it was worth. Just use some binwalk magic:

MMA CTF 2016::Palindrome::Prog-50

Posted by and filed under MMA CTF 2016.

The challenge reads as follows: Here is my solution:

MMA CTF 2016::Reverse Box::Rev-50

Posted by and filed under MMA CTF 2016.

I found an unintended solution to this one, so I was pretty happy about that. The contents of the flag leads me to believe that I was intended to reverse a substitution cypher. But anyways, here is my solution. It was pretty obvious that I was dealing with some kind of cypher. The most important… Read more »