One AAW to kill them all! nc hack.backdoor.infoseciitr.in 10004 Asset Links susalloc.zip The zip file contains only two files: $ ls libc.so.6 main $ file main main: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=2f8ac9c08eff09f2b0900cdb7e0aa18a3aeb6299, for GNU/Linux 3.2.0, stripped $ grep -a "GLIBC " Read more…
Initial Analysis @anonymans and I (@rootk1d) tackled this challenge together. We were given a pcapng file for this challenge, and the goal was to find out what happened during the intrusion. We have also got the SSL keys to decrypt the TLS 1.3 traffic. So, first thing let’s import the Read more…
Description : Can you break it? http://3.113.172.41/ Initial steps When we open the challenge url we are provided with this : So what the challenge does, is that it launches a docker container (1 per minute max) for each player. we also can download the source of the docker container, Read more…
Variation on the theme of 0ctf's eeemoji. This challenge is running on Ubuntu 18.04. nc noemoji.hackable.software 1337 Unfortunately, we didn’t have the time to play this really awesome CTF but I got some time to have a look at the PWN challenges at the beginning of the CTF and this Read more…
description : Split this shit http://web2.ctf.nullcon.net:8081/ Initial steps When we first opened the website, we were presented with a static page that shows a GIF but on viewing the source code there was an ajax request being sent var xhttp = new XMLHttpRequest(); xhttp.onreadystatechange = function() { if (this.readyState == Read more…
The government has released a new set of rules. Do you choose to be among those who follow them blindly or among those who read them first? Flag Path: /home/pwn/flag.txt Author: FeDEX Remote: nc 138.68.67.161 20001 Checking the given binary and its security flags Reversing Throwing the binary to IDA, Read more…
[Writeup] Ananas Description In an unfortunate turn of events, trupples tried to become a camboy, It didn’t turn out so well… Here is what the family firewall recorded… Ananas was a reverse challenge in HackTM ctf 2020 Qualifications, I love packet analysis challenges, and this one was basically reverse in Read more…
Our company has been victim of a Ransomeware that damaged our "Secure share" website. Access to "Secure share" has been partially restored and traces of the malware have been deposited on it. Can you help us retrieve our files? http://defiltrate.insomnihack.ch/ So as the description shows, our target is to retrieve Read more…
Your favorite shellcode testing service, now in the cloud! nc 46.101.173.184 1446 The challenge only provides us with a non-stripped 64-bit binary. Running it gives us a menu with a couple of options as shown: Checking the binary’s security flags Reversing Firing up IDA, we find out a couple of Read more…
I read the challenge name, I act like its nothing, I download the challenge, use strings on it to make sure, please don’t be it, find that it is what I think it is, its a Go binary. shoots self I have been struggling with Go compiled binary challenges for Read more…