Category: Reverse Engineering Points: 300 Solves: Description:

Random as F*!@

pseudorandom_bin

 

This challenge was a great example of the power of symbolic execution. Start as usual with determining what type of file it is:

 

$ file pseudorandom_bin
pseudorandom_bin: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=5a0f467ef94ee8fa770ecda91c4326f00b2c6c30, stripped

Category: Reverse Engineering Points: 100 Solves: Description:

ZorroPub

zorro_bin

First off, lets see what type of file this is:

 

$ file zorro_bin
zorro_bin: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=5bd9436f341615c804471bb5aec37e426508a7af, stripped

As a side interest, I've become curious about video and audio encoding. I've been looking into the many different flavors of encoding there are, and attempting to determine the best way forward. This is purely selfish as I have a collection of videos that are taking up too much space and I want to make them smaller, but also keep as much detail as possible.

 

Getting more to the point, my primary system is a Windows desktop with NVidia graphics card. While I was able to encode videos using Linux, the machine running Linux was either a Virtual Machine or a laptop. Either way, performance for encoding was not great. I wanted to not only get my much stronger desktop involved, but also utilize the graphics card. I was previously using HandBrake, which is a neat application. However, I wanted more control over what was happening, and also just get a bad vibe from that tool (and don't want it running on my primary system). One of the most well known and respected tools in this area is ffmpeg. If you haven't looked at it, I'd highly recommend reading their docs. Really cool stuff.

Category: Stegano Points: 300 Solves 8 Description:

Description: A key is Hidden within this file, Find it and get the f**kin' flag

Attachment: 61b94d373df24a669390bf5cc31090ac

 

This particular steganography challenge covers a bunch of different techniques, which is why it was called Ultimate Steg. In solving this, I utilized my StegoDone tool extensively. Let's start by taking a look at the initial file we are given. Since it has no extension, lets use file to discover what it is:

FTP (300 points)

We found an ftp service, I'm sure there's some way to log on to it.

nc 54.175.183.202 12012
ftp_0319deb1c1c033af28613c57da686aa7

We're given a binary. Let's see what it is:

 

$ file ftp_0319deb1c1c033af28613c57da686aa7
ftp: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=43afbcd9f4e163f002970b9e69309ce0f1902324, stripped