Everything about security



[noxCTF 2018] Att3nti0n Write-up (Reverse785)

For this challenge you need your full attention, it will be very helpful 😉 Note: the flag format for this challenge is slightly different. att3nti0n.exe We are given an .exe file. Let’s see if it is really a PE file…. Continue Reading →

[Angstrom CTF 2018] Product Key Write-up (Reverse200)

Artemis wants a copy of Windows, but she doesn’t feel like paying for it. She decided to hack Microsoft’s servers to generate a product key, and found their verification software, which runs on Linux for some reason. Can you get… Continue Reading →

[XIOMARA CTF 2018] Slammer Write-up (Reverse200)

Slammer Let’s check the file first.

Let’s analyze it with IDA Pro.

First, it prints the string “password: “. Then, it allocates 0x100 bytes from the stack and reads up to 0x32 bytes from stdin. Since the buffer… Continue Reading →

[XIOMARA CTF 2018] Envy Write-up (Reverse100)

The environment is everything that isn’t me. envy Let’s check the file format first.

Let’s disassemble its main function using IDA Pro.

The code looks really weird and meaningless. However, it has strings that indicate buffer overflow. That’s… Continue Reading →

[XIOMARA CTF 2018] Mario Mystery Write-up (Reverse50)

Young Mario was playing around with Android and wrongly built his app and crashed his app. Help him recover the flag he put in his server. Xiomara_2k18.apk We will decompile the apk. There are lots of different methods you can… Continue Reading →

[XIOMARA CTF 2018] FortuneJack Write-up (Reverse50)

If your smartphone gets connected to a VPN, you feel like you won a lucky draw. Lucky_Drawer.exe Let’s start with analyzing it with a PE analyzer like PEiD, RDG Packer Detector, etc. It is a .NET executable. Thus, we can… Continue Reading →

Copyright © 2020 PwnDiary