crypto 115 - 108 solves We intercept an algorithm that is used among Androids. There are many hidden variables. Is it possible to recover the message?
Author: andre_smaira
Server: nc encryption.pwn2.win 1337
Challenge link
Challenge files
On connecting to the challenge service, we are given two options -
Also, in the server.py file, we see there are two functions, enc_plaintext and enc_flag.
Get the challenge from here
vm1.exe implements a simple 8-bit virtual machine (VM) to try and stop reverse engineers from retrieving the flag. The VM’s RAM contains the encrypted flag and some bytecode to decrypt it. Can you figure out how the VM works and write your own to decrypt the flag? A copy of the VM’s RAM has been provided in ram.bin (this data is identical to the ram content of the malware’s VM before execution and contains both the custom assembly code and encrypted flag).
The hxp CTF happens every year along with the Chaos Communication Congress (a top security conference). This year was the 36th edition. This CTF is a major CTF, you know this when the CTF has a rating weight of 63.0 on CTFTime. Also, it is one of the qualifier events of DEFCON 2020 CTF.
I was playing solo on this one and gave one day to this CTF. I managed to solve 2 problems in the main CTF and 2 in the Junior CTF.
This was a very fun CTF. Kudos to the organizers. I loved the problems, very interesting as well as challenging. I played this CTF with my team, Abs0lut3Pwn4g3. Our final rank was 54th.
Rev Challeneges Timeout File: timeout
The binary is unstripped, so we can easily see the main function. The disassembly looks something like this.
The functions, signal, alarm and delay all serve the same purpose, basically to either exit the program or delay its execution for a long time.
I couldn’t give much time to the CTF because of some college work, but I gave a shot at the PWN challenges. The challenges became offline later but I still decided to work on the exploit scripts to make them work locally.
Pwn Challenges thefirst - 379 pts We can see in the image below that gets is being used to take the input. Hence it can be exploited for buffer overflow.
A bit late for writeups, but still here are the solutions to the challenges I solved during the CTF. The CTF was from 15 Nov. 2019, 22:30 IST — Mon, 18 Nov. 2019, 10:30 IST. It was a decent CTF with quality challenges, from both beginner to advanced level.
Update: The scripts to solve and the flags are present in this repo.
I’ll do the writeups category-wise -
Crypto pre-legend — 100 pts
The Capture the Flag event for Codefest’19 was hosted from 8 pm, 23rd August 2019 to 12 noon, 24th August 2019 on Hackerrank.
The contest link can be found here. There were a total of 1532 registrations and 518 people who were successful in solving atleast one challenge.
So, onto the writeups.
Welcome to Codefest 19! (Intro Challenge — 100pts) This was the introductory challenge. I had tried to make it a bit difficult than the normal introductory challenges, but I felt that it proved to be a bit difficult for the beginners.
Implemented various papers on Linux Malware detection, where I analysed the structure of ELF files to determine whether they were malicious or benign. Approaches included the analysis of -
Symbol Table Opcode frequency ELF file metadata