- Details
- Written by Michael Bann
- Category: Tutorials
In this tutorial, I will go over an easy way to learn how assembly and binaries work on your own. I will show you a technique you can use to teach yourself on a practical level how assembly and binaries work. This is meant as an introduction, and will not go into detail on assembly itself (perhaps another tutorial!). However, by the end of this tutorial you will be able to create and answer some of your own questions regarding binary analysis and programming.
- Details
- Written by Michael Bann
- Category: CTF Writeups
Category: Pwn Points: 200 Solves: 64 Description:
What's your hacker level?
Find out with this nifty little app at challs.campctf.ccc.ac:10118. You can also run your own instance: hacker_level
Here's another great example of using the format string exploiter to do your work for you. Again, it's about removing any mechanics of exploitation where possible so you can focus on the human task of understanding the vulnerability rather than the machine task of writing the format string. Let's take a peek at the challenge.
- Details
- Written by Michael Bann
- Category: Tutorials
I recently had the need to build a Python 2.7 debugging environment for my porting work of the angr platform to Windows. The problem I have run into is that there is not terribly good documentation on this subject. Not only was some of the official documentation from python misleading, but the links to the tools required were not easy to find. Here's how I built my debugging environment.
Read more: Building Python 2.7 Windows Debugging Environment
- Details
- Written by Michael Bann
- Category: CTF Writeups
Category: Exploit Points: 80 Solves: 101 Description:
Description: Printer are very very important for offices. Especially for remote printing. My boss told me to build a tool for that task.
Attachment: exp80.zip
Service: 188.166.133.53:12377
This example problem actually spurred me to create a helper script. Basically, I find that I do the same things every time that I run into a format string vulnerability. #1 is to re-learn how the damn thing works. #2 is to flounder around to try to find the right syntax. #3 is to spend time trying to figure out what is on the stack and what I have access to. This helper script solves all of that. But on to the challenge...
- Details
- Written by Michael Bann
- Category: CTF Writeups
Category: Reverse Points: 150 Solves: 108 Description:
Run and capture the flag!
Download serial
This challenge was another great challenge to use angr on. Right off the bad we can see it will be a "find the correct serial number" problem.
$ file serial
serial: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, BuildID[sha1]=77e92e8b1bd4f26641bab4dbf563037a7b9538d2, not stripped