PwnDiary

Everything about security

Page 2 of 8

[Angstrom CTF 2018] Rop to the Top Write-up (Pwn120)

Rop, rop, rop Rop to the top! Slip and slide and ride that rhythm… Here’s some binary and source. Navigate to /problems/roptothetop/ on the shell server to try your exploit out! Let’s analyze the file first.

The file is… Continue Reading →

[Angstrom CTF 2018] OFB Write-up (Crypto120)

defund made a simple OFB cipher, if you can even call it that. Here’s the source and the encrypted flag. Let’s look at the encryption script first.

First, it reads the flag.png and if the total number of bytes… Continue Reading →

[Angstrom CTF 2018] MadLibs Write-up (Web120)

When Ian was a kid, he loved to play goofy Madlibs all day long. Now, he’s decided to write his own website to generate them! When we checked the website, we see that we are expected to choose either┬áThe Tale… Continue Reading →

[Angstrom CTF 2018] Md5 Write-up (Web140)

defund’s a true MD5 fan, and he has a site to prove it. The website says that we need to give two different strings whose md5 hashes after prepended by the server’s secret salt are the same. It also shares… Continue Reading →

[Angstrom CTF 2018] Personal Letter Write-up (Pwn160)

Have you ever gotten tired of writing your name in the header of a letter? Well now there’s a program (source)to do it for you! Navigate to /problems/letter/ on the shell server to try your exploit out! Let’s analyze the… Continue Reading →

[XIOMARA CTF 2018] Slammer Write-up (Reverse200)

Slammer Let’s check the file first.

Let’s analyze it with IDA Pro.

First, it prints the string “password: “. Then, it allocates 0x100 bytes from the stack and reads up to 0x32 bytes from stdin. Since the buffer… Continue Reading →

« Older posts Newer posts »

Copyright © 2018 PwnDiary