Category: Reverse Points: 150 Solves: 108 Description:

Run and capture the flag!

Download serial

This challenge was another great challenge to use angr on. Right off the bad we can see it will be a "find the correct serial number" problem.

 

$ file serial
serial: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, BuildID[sha1]=77e92e8b1bd4f26641bab4dbf563037a7b9538d2, not stripped

Quick tip of the hat to the Lets Encrypt folks. I just finished installing their SSL certificate! There were some unfortunate technical problems along the way that they will hopefully deal with. Once I get some time I'll walk you through how to set up your own Let's Encrypt certificate.

Category: Reverse Engineering Points: 100 Solves: Description:

ZorroPub

zorro_bin

First off, lets see what type of file this is:

 

$ file zorro_bin
zorro_bin: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=5bd9436f341615c804471bb5aec37e426508a7af, stripped

Category: Reverse Engineering Points: 300 Solves: Description:

Random as F*!@

pseudorandom_bin

 

This challenge was a great example of the power of symbolic execution. Start as usual with determining what type of file it is:

 

$ file pseudorandom_bin
pseudorandom_bin: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=5a0f467ef94ee8fa770ecda91c4326f00b2c6c30, stripped

Category: Stegano Points: 300 Solves 8 Description:

Description: A key is Hidden within this file, Find it and get the f**kin' flag

Attachment: 61b94d373df24a669390bf5cc31090ac

 

This particular steganography challenge covers a bunch of different techniques, which is why it was called Ultimate Steg. In solving this, I utilized my StegoDone tool extensively. Let's start by taking a look at the initial file we are given. Since it has no extension, lets use file to discover what it is: