Endianness

As a university research lab, we often have students who are not familiar with concepts that the professional security community finds second nature.

Stripe CTF Level01

On February 22nd, the Stripe company ran a straightforward 6-level CTF. The first level provides a single setuid binary with its corresponding source, and the task is to obtain the flag (a password to another user’s account) from a text file (/home/level02/.password) owned and only viewable by the next level’s account. In addition, we have a single directory which we can write to.

School CTF: Count Them All

The premise of a challenge in the recent School CTF was a txt file titled “long.txt”, with the challenge title “Count them all” and the description “One important aspect of an inventory is to count all the swords you’ve got. Count them all.” Opening the file in a text editor (I used Notepad++), we can see that the file consists of a single line made up of a large number of 1s. Using Python we can easily open the file and count the number of 1s. It would be quite boring to do it manually.

Pop Pop Ret Finder

If you’ve attempted to write an SEH Record exploit, you know that it can be a little time-consuming to find a pop pop ret instruction sequence inside a module that has SafeSEH off. This is because you first need to find which modules, if any, have SafeSEH off, and then search for the sequence within those memory addresses. You could find the pop instruction for most registers, like “pop esp”, “pop eax”, “pop edx”, etc. Also, there’s a good chance you don’t know the opcodes for these, so you’d probably assemble each of them to figure out the opcodes and then proceed to search for matches individually. The most frustrating part is that, after doing all this, it is very likely that there wasn’t any match to begin with.

iCTF 2011: Android Market Challenge

Not all applications on the Android market can be installed by all Android devices. More specifically, each Android device only allows the user to choose from the subset of applications that are considered suitable to be installed on that device. For example, if you visit the Android Market with your browser, you get a list of over 200 applications in the communications (top free) category. Using the Market on a Nexus One lists more than 100 applications for that very same category. However, using the Android Market on the Android SDK simulator (API level 10, platform 2.3.3) only lists two applications. Give their names in alphabetical order separated by a comma.

SchoolCTF: Deadlamps

The Key Is superline. (Image taken down; http://blackbox.sibears.ru/uploads/6/school-ctf-2011-files/deadlamps.gif)

iCTF 2011 9x9 Choose Your Battles

SchoolCTF 2011: You just love this thing, right? Writeup

The challenge “You just love this thing, right?” gives you a GNU/Linux ELF binary called “mazzze” (contained within a gzip file called “mazzze.gz”). ‘mazzze’ is an ASCII game in which you must go through a ‘maze’ and get the combination to a safe that will give you the key. It begins with a help message, and after you press return the actual game starts like this (the colors are for visibility):