Press "Enter" to skip to content

Tag: CTF-Reverse

CTF question type – Reverse.

[HITCON] Handcrafted pyc – 50pts

Description Can your brain be a Python VM? (Please use Python 2.7) Hint None   Solution Firstly, we have converted it to pyc files.

We try to decompile it by using uncomple2 , but we found that it missed 8 bytes of pyc header. After we fixed the file, it is able to decompile and we got a part of data Here is the comparison part, so we can trace the flag here Finally we got

Convert all of the ascii code to string to get the flag. hitcon{Now you can compile and run python bytecode in your brain!}

Comments closed

[H4CK1T]Ethiopia – Crypt00perator – 95pts

Description: Long time ago one security module has been written. But fornow its sources have been missed somehow. We have forgotten th3access k3y, which, as we remember, has been hardcoded inside themodule. Help us to recollect th3 k3y!11 h4ck1t{} Solution: After analysis the execution program, found that it is an64bit execution program. So we have to use 64bit debugger. First, search all the references string of the program andjump into the comparison point. and we get this”o3dl6s|41a42344d110746d574e35c2f77ab6>3z” We try to input it as key and watch the value of each memoryaddress


Comments closed


Question: 只給了一個apk檔案 Solution: 把apk反編譯 , 得出源檔案 到 commayank13059theoracle查看 運行genLoginForm1() 和 genLoginForm2() 得到 把hex轉回文字 hidelikeachameleonbefiercelikealion

Comments closed

[IceCTF2016]Complacent – 40pt

Question: These silly bankers have gotten pretty complacent withtheir self signed SSL certificate. I wonder if there’s anything inthere. Solution: 題目說是ssl憑證問題 , 查看之下發現 隨便點一個按詳細資料發現 IceCTF{this_1nformation_wasnt_h1dd3n_at_a11}

Comments closed

[IceCTF2016]Hidden in Plain Sight – 45pt

Question: 題目只給了一個ELF(Executable and Linking Format)檔案 Solution: 既然是elf , 所以我在linux中進行分析 在下載檔案後 , 做第一件事情是看看其中內容 看下一點發現.. IceCTF{look_mom_I_found_it}

Comments closed

[SCTF]Secure Text Saver – 60

題目: Will you test out my new program for me? It saves importantinfo and keeps it away from prying eyes! 解法: 拿到jar , 立刻扔到java online decompiler , 得出 這是最重要的一部份 sctf{w0w_th4t_w45_pr377y_e45y}

Comments closed

[SCTF]Cookies – 75

題目: My mom put a password on the cookie jar 🙁 Will you help me get a cookie? 解法: 直接把jar扔上java online decompiler , 得出以下東東 雖然下面還有好多 , 但是看到這裹已經沒必要再看下去了 直接把md5拿去解密 得出 thisisaverystrongpassword 在jar中輸入 , 得出flag sctf{g3t_y0ur_h4nd_0ut_0f_my_c00k13_j4r!}

Comments closed