Tl;dr Cool encoding using Rubik’s cube, I wrote a Python script. This was a 1250 point Forensics challenge (highest points in the category). Here’s the description: By the time I took a look at the challenge, they had released a hint as well: Based on the hint, I quickly discovered that the challenge description described…
Read more
This was a 1200 point reversing challenge (tied for highest point value in the category). Here’s the description: This what we see when we run the binary: $ ./crackmePlease enter the correct password.>plsIncorrect password. utflag{wrong_password_btw_this_is_not_the_flag_and_if_you_submit_this_i_will_judge_you} Let’s take a look at the code in IDA Pro: Here’s what the decompilation shows: Read in 64 bytes from…
Read more
Problem Description Our once-venerable president has committed the unspeakable crime of dine-and-dashing the pizza during our own club meetings. He’s on the run as we speak, but we’re not sure where he’s headed. Luckily, he forgot that we had planted a packet sniffer on his laptop, and we were able to retrieve the following capture…
Read more
Thanks to Kees Cook for an awesome look at kernel security! Kees talked about how the kernel exploit for CVE-2017-7038 was discovered, which allowed privilege escalation due to a heap overflow. You can see his slides here, which also has information for building the POC images for the exploit. This was our last meeting for…
Read more
Tonight I talked about the new OSUSEC lab environment! A few systems are currently live, and more will be coming up through the end of the term, including the self-registration system. For information about the lab environment, please see the dedicated page for it.
Tonight we hosted Karl Fosaaen from NetSPI, and he gave an awesome talk on pentesting in an Azure environment. If you’re interested in learning more about this, check out the NetSPI blog or the Azure pentesting book he mentioned. Karl’s post on using Azure RunAs certificates is now live here.
Tonight I went over some basic usage of GDB, IDA Pro, and pwntools for solving the first pwnables on our CTF site. Link to the slides (requires ONID login). The slides have information on getting the tools installed, so if you are having issues with that, check the slides out.
Today we continued discussing reverse engineering and introduced 64-bit assembly. There are more samples on the GitHub repo. The only announcement for today is to RSVP for our upcoming event with NetSPI! They will be coming back on 2/21 to do a presentation on penetration testing, and answer any questions you may have. The RSVP…
Read more
Today we talked about some basic reverse engineering, and compare/contrasting x86 assembly with C code. There are some new challenges up on CTFd, rev[1-4] Link to the slides (requires ONID login)
Tonight we worked on buffer overflows, and some binaries on the new OSUSEC CTF platform. Slides (requires ONID login) Next week, we’re going to work on similar binaries, but comparing the assembly code with the C code.
Recent Comments