Step 1 install opus-tools
sudo apt-get install libogg-dev libopus-dev libopusfile-dev libopus-dev opus-tools libflac-dev
git clone https://github.com/xiph/libopusenc.git
sudo make install
git clone https://github.com/xiph/opus-tools.git
Step 2 extracting opus file from pcap file
./opus_tools/opus-tools/build/opusrtp --extract voice_udp.pcapng -o out.opus
Step 3 convert the opus file to .wav file, now you can enjoy the reconstructed audio ^_^
Note: the opusrtp tool may need some modification to work normally.
faggin is the last pawnable challenge in defcon 2017 quals. I did not solve it in the CTF, and there is no write-ups for this challenge, So I wrote this article.
Continue reading “[DEF CON CTF 2017 quals ] faggin write-up”
This is the most valuable challenge in NJCTF(worth 600 points). It is a a good practice to write shellcode too. pwntools provide handy APIs to write shellcode.
The child process is chroot jailed, to get the flag outside of the jail, we have to use “ptrace” to attach and modify the parent process to escape the jail.
There are many ways to exploit the vulnerability and we choose the following one
- add a syscall with negative number of registers and hijack the vtable to a stack position.
- input shellcode using the leave notes function
- call the hijacked function pointer
Continue reading “[NJCTF 2017] syscallhelper(pwn 600) write-up”
这是我们第一次线下赛，也是一次被全面吊打的经历(ToT)/~~~。 Continue reading “ZCTF线下赛总结”
The program implements some matrix multiplication function, first we should input size of matrix, and than there matrix will be allocated on the stack and calculate multiplication of first two matrix into the third one.
Continue reading “[+]HITCON CTF 2015 Matrix X Matrix (Pwnable, 175 points)”
Teaser CTF is launched by Dragon Sector, is a Polish security Capture The Flag team. It was created in February 2013 and currently has 13 active members.
I solved two challenge in the first evening(so easy, power level) and tried to solves the pwnable challenge quine on Sunday Morning but failed, I found a write-any-where vulnerability but I didn’t see how to exploit. Continue reading “Teaser CTF 2015 writeup(So easy, power level)”