Category Archives: CTF

Finite Fields for Mortals

I’ve been studying a bunch of cryptography lately, and I thought it would be nice to present finite fields in some relatively easy to understand way that doesn’t require too much prior knowledge. All that is really needed here is … Continue reading

Posted in CTF, Math | Leave a comment

UIUCTF2017 – uiuctfsck

This was a brainfuck interpreter that let you print out some internal machine state. Notice that the interpreter does not like it if we have the string “machine” in our format string. We examine the machine object, and notice that … Continue reading

Posted in CTF | Leave a comment

UIUCTF2017 – OldTV

Not many people solved this despite the author and I believing that this should have been an easy challenge. We were given the following program: Initially, you should try to verify the signature and compute , and realize that it … Continue reading

Posted in CTF, Math | Leave a comment

Codegate 2017 Prequals – BabyPwn

This was a straightforward ROP challenge, which was made difficult on our side due to bandwidth issues. Interestingly enough, every time we tried to leak the stack cookie it started with a null byte. We have a read primitive (actually … Continue reading

Posted in CTF | Leave a comment

Codegate 2017 Prequals – EasyCrack 101

We are presented with a zip file containing a bunch of ELF executables which serve as crackmes as well as a web server to submit the flags to each crackme. Doing some reverse engineering, we discover that one instruction always … Continue reading

Posted in CTF | Leave a comment

CSAW Finals 2016 – Cookie Math (250)

We are given a binary that does some math. The program checks a 30 byte string and some things are XOR’d while some are not. We solve this by doing some math. We can get a list of potential XOR … Continue reading

Posted in CTF | Leave a comment

CSAW Finals 2016 – LINQ To The Present (100)

We are presented with a .NET binary, and the hint says that we should consider this being run under Mono in a linux system. We disassemble the program using MonoDevelop and get: So we can do very SQL-ish things here … Continue reading

Posted in CTF | Leave a comment

CSAW Quals 2016 – Tutorial (200)

We are given a binary with a libc, so our first guess should be some ret2libc ROP attack. We are also given a very nice buffer overflow in practice(). We can get the address of something in libc by checking … Continue reading

Posted in CTF | Leave a comment

CSAW Quals 2016 – Warmup (50)

This is very clearly a buffer overflow to ROP. Where easy = system(“cat flag.txt”) Here we ROP into the middle of easy, before the system call, but you can ROP into the start of easy as well.

Posted in CTF | Leave a comment

CSAW Quals 2016 – Tar Tar Binks (400)

We are given a broken tar file and a dylib that was used to produce the archive. We can try to extract the tarball. We see that output is some repeated format of “XXXX,”, where X stands for a hex … Continue reading

Posted in CTF | Leave a comment