PwnDiary

Everything about security

Month

February 2018

[XIOMARA CTF 2018] Slammer Write-up (Reverse200)

Slammer Let’s check the file first.

Let’s analyze it with IDA Pro.

First, it prints the string “password: “. Then, it allocates 0x100 bytes from the stack and reads up to 0x32 bytes from stdin. Since the buffer… Continue Reading →

[XIOMARA CTF 2018] Flag Locker Write-up (Web200)

We keep the flag secure. Secure!?. http://103.5.112.91:1234 Let’s check the website first.

We have two links. Let’s check both.

It looks like we have Local File Inclusion (LFI) here. Let’s try to retrieve the source files for these two… Continue Reading →

[XIOMARA CTF 2018] Dig_Deep Write-up (Forensics150)

In reality, those rare few cases with good forensic evidence are the ones that make it to court. private.rar After extracting the file from the archive, I checked its signature first.

It is a DOS/MBR boot sector file. Since… Continue Reading →

[XIOMARA CTF 2018] Envy Write-up (Reverse100)

The environment is everything that isn’t me. envy Let’s check the file format first.

Let’s disassemble its main function using IDA Pro.

The code looks really weird and meaningless. However, it has strings that indicate buffer overflow. That’s… Continue Reading →

[XIOMARA CTF 2018] Mario Mystery Write-up (Reverse50)

Young Mario was playing around with Android and wrongly built his app and crashed his app. Help him recover the flag he put in his server. Xiomara_2k18.apk We will decompile the apk. There are lots of different methods you can… Continue Reading →

[XIOMARA CTF 2018] FortuneJack Write-up (Reverse50)

If your smartphone gets connected to a VPN, you feel like you won a lucky draw. Lucky_Drawer.exe Let’s start with analyzing it with a PE analyzer like PEiD, RDG Packer Detector, etc. It is a .NET executable. Thus, we can… Continue Reading →

Copyright © 2018 PwnDiary