A Django site Valid XHTML 1.1 Strict Get Firefox

Gu1's Website - Posts taggés « ctf »

Yet another writeup for the Padocon 2011.
This time, i'm gonna talk about karma200, a level that we did not validate during the CTF, but i was curious to see how i could exploit it, so i worked on it with Mysterie, kutio, teach and others these last few days.

Like for karma100, we had ssh credentials to a linux box and found a setuid binary called attackme in the home directory. Here is the source code:

/*
 * Enjoy!
 *
 *
 *
 * */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(int argc,char **argv)
{
        char buf[4];

        if(argc != 2 ...

2 Commentaires / Lire la suite...

Padocon 2011, writeup Karma 100
Par Gu1 le 21/01/2011 à 03:31 tags: ctf, english, format string, padocon, writeup.

Hello, This is another writeup for the Padocon 2011 CTF. This time, i'm gonna talk about a wargame-style binary exploitation level, karma 100. This one was not that difficult to exploit, in fact it took us only a couple of hours to obtain reliable code execution, but we were unable to find the flag until much later.

We were given ssh credentials and once logged in, we had a binary suid boom100 in our home directory with the source code.

#include <unistd.h>
#include <stdio.h>

/* hi, guys! */
/* This is just warm up :) */

int main( int argc, char *argv ...

5 Commentaires / Lire la suite...

Padocon 2011, writeup Forensic Quest
Par Gu1 le 18/01/2011 à 03:09 tags: ctf, forensic, padocon, scapy, writeup.

Salut,
Le premier gros CTF de l'année a eu lieu le week-end dernier: celui de la Padocon 2011, un CTF Coréen auquel j'avais déjà participé l'année dernière.
Le CTF lui même était plutôt bien foutu, bonne orga. Les épreuves étaient intéressantes, pas de guessing trop hardcore. J'ai participé avec la team w0ea-fhpr-abhf, on a du avoir vers les 1800 points, mais le classement complet n'a pas encore été publié...
J'ai travaillé sur quelques épreuves, certaines étaient sympa, comme la Forensic "Quest" que j'ai faite avec teach, bik3te (et d'autres ?). Voici donc un ...

3 Commentaires / Lire la suite...

smpCTF 2010 challenge #9 writeup
Par Gu1 le 22/07/2010 à 19:25 tags: ctf, english, heap overflow, smpctf, writeup.

Note: ce post est disponible en français sur le microblog nibbles.

This challenge was a heap overflow on linux. The glibc version was 2.7. We were not given the source code, but thanks to hex-rays, we had a good idea of what the code looked like. The vulnerable program printed some informations to make exploitation easier: "good heap allignment found on malloc() [somenumber]". We searched this sentence on the web and found this article. As we suspected, we were going to have to use the "House of Mind" technique. It seems that the code source of this challenge was ...

0 Commentaires / Lire la suite...

1
©opyleft Gu1ll4um3r0m41n, 2008-2010. Contact