Author Archives: incertia

Codegate 2017 Prequals – EasyCrack 101

We are presented with a zip file containing a bunch of ELF executables which serve as crackmes as well as a web server to submit the flags to each crackme. Doing some reverse engineering, we discover that one instruction always … Continue reading

Posted in CTF | Leave a comment

Arch Linux Install Guide For EFI Systems

Because nobody seems to know how to actually install Arch, here’s a brief guide. Setup: You need a machine to install Arch on. You also need a version of the Arch installation disk on some bootable medium. You can see … Continue reading

Posted in Software | Leave a comment

CSAW Finals 2016 – Cookie Math (250)

We are given a binary that does some math. The program checks a 30 byte string and some things are XOR’d while some are not. We solve this by doing some math. We can get a list of potential XOR … Continue reading

Posted in CTF | Leave a comment

CSAW Finals 2016 – LINQ To The Present (100)

We are presented with a .NET binary, and the hint says that we should consider this being run under Mono in a linux system. We disassemble the program using MonoDevelop and get: So we can do very SQL-ish things here … Continue reading

Posted in CTF | Leave a comment

Pullbacks of Differential Forms

Let be a smooth map between manifolds and let be a smooth -form on . We have the natural push forward/total differential given by , where is a curve satisfying and , but this also gives a natural way to … Continue reading

Posted in Math | Leave a comment

A Bad Attempt At Connecting Differential Forms And Multivariable Calculus

So after taking MVC, we’ve all been through those tedious proofs that and . Here, we give a unified way to view these identities. We start by giving the notion of a tangent space of a point in , which … Continue reading

Posted in Math | Leave a comment

CSAW Quals 2016 – Tutorial (200)

We are given a binary with a libc, so our first guess should be some ret2libc ROP attack. We are also given a very nice buffer overflow in practice(). We can get the address of something in libc by checking … Continue reading

Posted in CTF | Leave a comment

CSAW Quals 2016 – Warmup (50)

This is very clearly a buffer overflow to ROP. Where easy = system(“cat flag.txt”) Here we ROP into the middle of easy, before the system call, but you can ROP into the start of easy as well.

Posted in CTF | Leave a comment

CSAW Quals 2016 – Tar Tar Binks (400)

We are given a broken tar file and a dylib that was used to produce the archive. We can try to extract the tarball. We see that output is some repeated format of “XXXX,”, where X stands for a hex … Continue reading

Posted in CTF | Leave a comment

General Stupidity Part 1

I’m not sure if the intended audience is ever going to read this, but I’m going to leave a note here for the sake of noting things down. I will probably be the most boring person you will ever meet. … Continue reading

Posted in Uncategorized | Leave a comment