Everything about security



Capture The Flag write-ups

[SECCON CTF 2017] JPEG File Write-up (Binary100)

JPEG file Read this JPEG is broken. It will be fixed if you change somewhere by 1 bit. tktk-892009a0993d079214efa167cda2e7afc85e6b9cb38588cba9dab23eb6eb3d46 I started analyzing the file with the common tools.

As we can see, there is nothing interesting. So, I decided… Continue Reading →

[SECCON CTF 2017] Vigenere3d Write-up (Crypto100)

—– import sys def _l(idx, s): return s[idx:] + s[:idx] def main(p, k1, k2): s = “ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz_{}” t = [[_l((i+j) % len(s), s) for j in range(len(s))] for i in range(len(s))] i1 = 0 i2 = 0 c =… Continue Reading →

[hxp CTF 2017] Babyish Write-up (Pwn100)

Please hack. Download: 917b8036bb39196f6a9388b9140eb322331406d1949f1af372fde87a5a5b1aff.tar.xz Connection: nc 45067 We are given some files including the source code of the vulnerable binary and the libc file from the server.

Let’s start with reading the source code.

It reads our… Continue Reading →

[HITCON CTF 2017 Quals] Start Write-up (Pwn132)

Have you tried pwntools-ruby? nc 31337 We are given two files. A server code written in ruby and an ELF binary which is statically linked.

Let’s look at the ruby script first.

It says ‘The binary “start”… Continue Reading →

[Kaspersky Industrial CTF Quals 2017] Bad Computations Write-up (Crypto800)

The creators of a certain system have taken care of the security of storing users data and encrypted users passwords. To register a new user the administrator should enter encrypted password into the database. You were able to get a… Continue Reading →

[Kaspersky Industrial CTF Quals 2017] Backdoor Pi Write-up (Reverse300)

We are doing an project for a school competition in which we need to use a Raspberry Pi to make an IOT prototype. We received SD cards from the professor, and because we lost ours we asked another group to… Continue Reading →

Copyright © 2018 PwnDiary