ezhpThis challenge is my first exp to exploit heap overflow bug. So more time is needed than other cases. Anyway, Given file is x86 stripped elf file. 123zero@ubuntu:~/Desktop/ctf/plaid2014$ file ezhpezhp: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.24, stripped Colored by Color Scriptercs Applied memory protecti..
hudakThis Challenge is one of my interesting RE probs what the idea was quiet awesome! - Static AnalysisGiven prob is x86 stripped elf binary. 12zero@ubuntu:~/Desktop$ file hudakhudak: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter strippedcs let's open with IDA! First, we can see password check routine and get string from stdin. 1234567891011// - main ..
zfs 123Forensic : zfsThe Plague is using state of the art systems for storing his data. Our operatives managed to steal a drive from one of his servers, but it seems like our haste may have led to some uber-corruption. Can you get the data off the drive to track down The Plague?cs First i just search any strings in this file and i can get useful information 123456789101112131415zero@ubuntu:~/Des..
rsa 123Forensic : rsaOur archaeologists recovered a dusty and corrupted old hard drive used by The Plague in his trips into the past. It contains a private key, but this has long since been lost to bitrot. Can you recover the full key from the little information we have recovered?cs First, we need to recover corrupted private key. I just found a recovery tool. For using this tool, we need to ext..
2. Curlcore 1234Forensic - curlcoreWe managed to grab a memory dump off of The Plague’s computer while he was making a secure download. We think he may have been looking for new places to hide the Prime Factorizer. Can you figure out what messages were sent through his computer?Colored by Color Scriptercs First, Open the curlcore.sh and we could see the codes ... 1curl -k https://curlcore.local...