0ctf 2016 writeup for VM challenge(reverse 7 pts)

Categories CTF

This is a write-up for the 0ctf 2016 quals “VM” reverse challenge worth 7 points.

The main process of solving this challenge contains 3 phase:

  1. Find the location of input check algorithm
  2. Reverse input transform algorithm
  3. profit

I wasted much life in the second phase. This function is flattend by a big switch structure and contains a lot of goto instruction. It’s hard to reverse such a function statically, So we use dynamic analysis and black box analysis. we make a few assumptions on the transform pattern. We can reverse the algorithm without understanding  assembly or decompiled code.

Continue reading “0ctf 2016 writeup for VM challenge(reverse 7 pts)”

Teaser CTF 2015 writeup(So easy, power level)

Categories Uncategorized

Teaser CTF is launched by Dragon Sector, is a Polish security Capture The Flag team. It was created in February 2013 and currently has 13 active members.

I solved two challenge in the first evening(so easy, power level) and tried to solves the pwnable challenge quine on Sunday Morning but failed, I found a write-any-where vulnerability but I didn’t see how to exploit. Continue reading “Teaser CTF 2015 writeup(So easy, power level)”

Install ropc(based on bap 0.4) on ubuntu 14.04

Categories Uncategorized

I wanted to play with ropc and died a little in installing ropc. Firstly we have to install BAP 0.4. To compile BAP, we need to install ocaml 3.12.1 from source(because ocaml 4.0 can not compile BAP 0.4). Then we need to install camomile from source.(again the default apt-get camomile version failed in the compilation).

add configure.ac:
AM_INIT_AUTOMAKE([subdir-objects])

PS: the following package should be installed before compiling bap0.4.

another issue is :

It’s such a pain that a end up installing bap using opam…