For this challenge we were given an address and port to connect to, but little other information. Upon connecting, we received the following:

                    __
          PyJail   /__\
       ____________|  |
       |_|_|_|_|_|_|  |
       |_|_|_|_|_|_|__|
      A@\|_|_|_|_|_|/@@Aa
   aaA@@@@@@@@@@@@@@@@@@@aaaA
  A@@@@@@@@@@@@@@@@@@@@@@@@@@A
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[!] Rule
1. After 3 day, the Light will be Turned Off then you Cannot see anything.
2. Cannot Use Some Special Characters in PyJail.
3. For 10 days, You can enter 38 characters per day.

Can You Escape from Here ??

 Name : [day-1]
################## Work List ##################
  coworker        : Find Coworker For Escape
  tool            : Find Any Tool
  dig             : Go Deep~
  bomb            : make boooooooomb!!!
###############################################

This challenge was interesting in that the solution speaks to a core principle in cryptography. The challenge presented you with two random-looking character strings and asked you to determine which was XOR-encrypted data and which was just random noise.

While this challenge was under the "Baby's First" section, I think it's a great teaching example of a basic heap exploitation technique.

File

$ file beatmeonthedl
beatmeonthedl: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, not stripped

Tokyo Westerns CTF 2017 offered a neat, simple cryptography challenge that was written in Python. For the challenge, we are given the Python source code that was used to encrypt, and the output of the encryption. The challenge is to determine what the original input was that produced the output we're given. While the proper solution here is likely to actually understand and reverse the algorithm, I took this as an opportunity to enable my tool pySym to solve this challenge.

This year's DEFCON CTF qualifiers featured a section called crackme. The idea behind the questions in this section was to find the correct input to a prompted executable. The added challenge was that each challenge was actually a series of ~200 binaries. Your goal was to automate the cracking of one and be able to extend it to all the rest.

Magic was one of the easy ones, but it shows off the power of angr in finding good code paths.

$ file 4245f48054debd4d1a4cc0e5bd704705bff1440607443b8c6fc5c342d067e93e
4245f48054debd4d1a4cc0e5bd704705bff1440607443b8c6fc5c342d067e93e: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-musl-x86_64.so.1, stripped