Posts

Insomni'hack 2024 - Award Challenge

Image
As I haven't posted for a long time and now participated in the Insomni'hack 2024 CTF, I thought I write about the challenge "award", which I thought was quite interesting. After solving another easy challenge, I spent pretty much the entire night of the CTF on it, but only finished the next day, when the CTF was already over. Given was a binary. If you want to follow-along, you can find the binary here  (encoded as base64 with added line breaks). Additionally, there was given an nc command to run that remote, so the binary was only for analysis of what runs on the remote side. So the analysis and decompilation of the binary could be easily done in any of the usual tools. I used Binary Ninja , as I have a license for it and it's not that expensive. I spent quite some time in setting the right variable names etc. The decompiled code looks like this: Decompiled Code Note: There were also stack cookies in the main function added by the compiler, but that code has be
Post a Comment
Read more

CTF Challenges from Cyber Security Base with F-Secure 2018/2019

Image
Introduction As already last year (2017/2018) and the year before, the University of Helsinki (Finland) organized an online course on mooc.fi called Cyber Security Base with F-Secure . You could get 10 ECTS credits for participating. "By the end of the course, hard working participants are expected to possess the skills required from those who work as Junior Security Consultants in the industry." I participated the first year and I liked it. The last part of the course is a CTF (Capture the Flag) challenge in jeopardy style, which I participated in both previous years. It's a beginner-level CTF to get people into the topic, which is very appreciated. Unfortunately this year a few things went wrong. The communication was broken; nobody could be contacted and there was no chat channel, so that the two broken challenges were not solvable (more on that later). The instructions on the info page didn't match the reality and the starting date and time was not only delay
Post a Comment
Read more