X-MAS CTF 2019: Binary Exploiting & Reversing Write-Ups

Hello, Here are my write-ups for the X-MAS CTF 2019 organized by . Reversing: Santa’s crackme Santa’s crackme is easy to solve when using Ghidra, all you need to do is open up the binary, read the code and use the XOR Memory script from Ghidra. The flag is retrieved from flag_matrix and xored by 3. Select the flag data, right click on Script Manager and execute the XorMemory script We get the flag, except for the first character ...

December 21, 2019 · 2 min · Denis Nuțiu

Hack The Box – Travexec Write-up

Hello, Here’s my write-up for the Traverxec machine. Initial Shell: google User Hint: Read the configuration carefully and ls dem directories, and don’t forget, you’re the web server! Root Hint: In linux you can configure commands to be executed without requiring a password. The password for the PDF is the root flag. Link: BananaPr1nc3-Traverxec.pdf

December 13, 2019 · 1 min · Denis Nuțiu

HackTheBox Reversing DSYM Write-Up

Hello, Here’s my write-up for the Reversing DSYM challenge from HackTheBox. PDF: The password for the Write-Up is the challenge’s flag. To solve it I’ve used: Write a comment if you need a hint or something is not clear. Thanks for reading!

December 9, 2019 · 1 min · Denis Nuțiu

HackTheBox Reversing: Find The Secret Flag

Hello, This challenge is not that hard but it’s quite confusing. To solve this challenge very quickly all you have to do is patch it in 2 places and then run it with different arguments until the flags get’s spiten out. Here’s a sample script that runs the binary 100 times with arguments from 1 to 100 [code language=”bash”] printf ‘start\n’ for i in {1..100} do printf “$i ” ./program “$i” | xxd -r -p printf ‘\n’ done printf ‘\nend\n’ [/code] ...

September 22, 2018 · 2 min · Denis Nuțiu

HackTheBox Reversing: Cake Challenge

Hello, If you open this binary in Binary Ninja or any other disassembler, you’ll see a that the flow is quite weird. After looking at the strings tab I found UPX listed in there, this explains the weird graph. UPX is an open-source packer. A packer is just a piece of software that compresses the binary, when the binary is run it will unpack itself. Packing an exe could reduce it’s size by 30% or so.. since UPX is free you could also use it to unpack binaries. Unpacking is left as a exercise to the reader (I’m lazy) ...

September 15, 2018 · 2 min · Denis Nuțiu