This was our first on-site final, and also an experience of being thoroughly beaten (ToT)/~~~. Continue reading “ZCTF线下赛总结”
This is a write-up for the 0ctf 2016 quals “VM” reverse challenge worth 7 points.
Solving this challenge has three main phases:
- Find the location of input check algorithm
- Reverse input transform algorithm
I spent far too long on the second phase. The transform function is flattened into one big switch statement and is full of goto instructions, which makes it hard to reverse statically, so we used dynamic and black-box analysis instead: by making a few assumptions about the transform pattern and testing them against the running binary, we could recover the algorithm without reading the assembly or the decompiled code.
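The black-box approach above, as an added example that is not code from the original write-up: the challenge's VM is replaced by constructed stand-in transforms (the key, the sample input and the three toy VMs are assumptions made for this example), while `dependency_sets`, `classify` and `invert_triangular` are the reusable part. It goes slightly beyond the write-up by also handling the prefix-dependent case: the probe perturbs one input byte at a time and records which output bytes move; if each output byte depends only on the same input byte (or only on the bytes before it), the preimage of a target output can be recovered one byte at a time, and if the pattern is anything else the script refuses rather than returning garbage.

```python
"""Black-box recovery of an input transform, as done in the VM challenge.

Added example, not code from the original write-up: the challenge's VM is
replaced by constructed stand-in transforms; the probing and inversion
functions are the reusable part.
"""
import random
from typing import Callable, List, Optional, Set

Transform = Callable[[bytes], bytes]


def dependency_sets(f: Transform, n: int, trials: int = 8, seed: int = 1) -> List[Set[int]]:
    """For each input position i, collect the output positions that change
    when input byte i changes (union over `trials` random perturbations).
    This is the experiment behind the 'assumptions on the transform pattern':
    it shows whether the transform is byte-wise, prefix-dependent, or
    something that cannot be attacked one byte at a time."""
    rng = random.Random(seed)
    deps: List[Set[int]] = [set() for _ in range(n)]
    for _ in range(trials):
        base = bytes(rng.randrange(256) for _ in range(n))
        out0 = f(base)
        for i in range(n):
            mutated = bytearray(base)
            mutated[i] = (mutated[i] + rng.randrange(1, 256)) & 0xFF  # always differs
            out1 = f(bytes(mutated))
            deps[i].update(j for j in range(n) if out0[j] != out1[j])
    return deps


def classify(deps: List[Set[int]]) -> str:
    """'bytewise': output[i] depends only on input[i];
    'triangular': output[j] depends only on input[:j+1] (still invertible
    one byte at a time); 'other': some input byte influences an earlier
    output byte, so the per-byte search below is not valid."""
    if all(d == {i} for i, d in enumerate(deps)):
        return "bytewise"
    if all(j >= i for i, d in enumerate(deps) for j in d):
        return "triangular"
    return "other"


def invert_triangular(f: Transform, target: bytes) -> Optional[bytes]:
    """Find x with f(x) == target one byte at a time, backtracking when a
    position admits several candidates (f need not be injective)."""
    n = len(target)

    def search(prefix: bytes) -> Optional[bytes]:
        j = len(prefix)
        if j == n:
            return prefix if f(prefix) == target else None
        for v in range(256):
            cand = prefix + bytes([v]) + bytes(n - j - 1)  # suffix cannot affect output[j]
            if f(cand)[j] == target[j]:
                found = search(prefix + bytes([v]))
                if found is not None:
                    return found
        return None

    return search(b"")


def recover(f: Transform, target: bytes) -> Optional[bytes]:
    """Probe f first and only invert when the observed pattern allows it."""
    if classify(dependency_sets(f, len(target))) == "other":
        return None
    return invert_triangular(f, target)


# --- constructed stand-ins for the challenge's VM (not the real one) -------
KEY = b"0ctf2016vm-probe"  # arbitrary 16-byte key chosen for this example


def bytewise_vm(x: bytes) -> bytes:
    """Each output byte depends only on the same input byte:
    rotate-left by (position mod 8), then xor with a key byte."""
    out = bytearray()
    for i, b in enumerate(x):
        r = i % 8
        rot = ((b << r) | (b >> (8 - r))) & 0xFF
        out.append(rot ^ KEY[i % len(KEY)])
    return bytes(out)


def chained_vm(x: bytes) -> bytes:
    """Carries a running state, so output[j] depends on input[:j+1]."""
    out = bytearray()
    state = 0x5A
    for i, b in enumerate(x):
        state = ((b ^ state) * 5 + KEY[i % len(KEY)]) & 0xFF
        out.append(state)
    return bytes(out)


def reversed_vm(x: bytes) -> bytes:
    """Not triangular: the last input byte lands in the first output byte."""
    return bytewise_vm(x)[::-1]


if __name__ == "__main__":
    secret = b"flag{vm-blackbox}"  # constructed sample input
    for name, vm in [("bytewise", bytewise_vm), ("chained", chained_vm), ("reversed", reversed_vm)]:
        kind = classify(dependency_sets(vm, len(secret)))
        print(name, kind, recover(vm, vm(secret)))
```

Against a real binary, `f` would wrap a call into the process (a debugger script, a harness that feeds stdin and reads the comparison buffer, or a Frida hook), and the probe costs only a few hundred runs for a 16-byte input, so it is cheap to run before committing to any assumption about the transform.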
Three vulnerabilities: 1. heap overflow, 2. double free, 3. arbitrary memory read. Continue reading “RCTF pwn400 shaxian writeup”
The program implements a matrix multiplication routine: first we enter the size of the matrices, then the matrices are allocated on the stack and the product of the first two matrices is computed into the third one.
When analysing kernel-mode malware, one often finds it queueing APCs to user-mode threads (for example, the 暗云 bootkit). So why, and how, does malicious code use APC injection? Continue reading “关于异步过程调用 APC(Asynchronous Procedure Calls)”
VolgaCTF is over and I wrote this short writeup for later reference. Continue reading “VolgaCTF short writeup(interstellar, tiny_bash, mathproblem, pwnie)”
Teaser CTF is run by Dragon Sector, a Polish security Capture The Flag team created in February 2013 that currently has 13 active members.
I solved two challenges on the first evening (so easy, power level) and tried to solve the pwnable challenge quine on Sunday morning but failed: I found a write-anywhere vulnerability but could not see how to exploit it. Continue reading “Teaser CTF 2015 writeup(So easy, power level)”
I wanted to play with ropc and died a little installing it. First we have to install BAP 0.4. To compile BAP, we need to build OCaml 3.12.1 from source (because OCaml 4.0 cannot compile BAP 0.4). Then we need to build camomile from source (again, the default apt-get camomile version fails during compilation).
PS: the following packages should be installed before compiling BAP 0.4.
apt-get install gcc-multilib g++-multilib
apt-get install binutils-dev automake libpcre3-dev autotools-dev
apt-get install ocaml-findlib camlidl libocamlgraph-ocaml-dev libbfd-dev
Another issue is:
asm_program.c:8:23: fatal error: libiberty.h: No such file or directory
(On newer Debian/Ubuntu releases that header is shipped in the libiberty-dev package rather than binutils-dev.)
It was such a pain that I ended up installing BAP using opam…