Writeup
Hello there! Long time no CTFs :3
We are given a big Windows binary named digital_fortrees.exe, and when I ran strings on it looking for the flag, I saw a lot of names like this: unittest/__init__.pycPK unittest/case.pycPK unittest/loader.pycPK unittest/main.pycPK unittest/res…
We are given a Golang binary, which my idol teammate @yeuchimse reverse engineered :3. The checking code looks like this: factorials = [1, 1, 2, 6, 0x18, 0x78, 0x2d0, 0x13b0, 0x9d80, 0x58980, 0x375f00, 0x2611500, 0x1c8cfc00] def calc(nums)…
Point: 200 http://material.wargame.whitehat.vn/contests/11/for1_206e72e52f2f73fa1a1080b70d528657.zip nc 118.70.80.143 7337 We are given an archive which contains a file named image and an address to netcat to. Try to run file on image, we …
I played Codegate 2016 Quals last week with our team BabyPhD. Although I couldn't solve many tasks :(, the CTF is quite fun to play :3 We are given a nice-looking small x86 Linux binary that reads our name and lets us play lotto. After load…
Here are the writeups for the challenges I solved (and almost solved) in the preliminary round of the SVATTT 2015 contest with team Animal.OhYeah: Reversing 300 This is a Linux x86 program written using the ncurses library, so when reverse engineering …
When I read this problem, I was thinking about Edmonds' algorithm, but it runs in , which is not OK for the last 10 tests. Besides, in graph_generator.py, there are no conditions that guarantee there exists a perfect matching. So, we can't…
We are asked to calculate the number of ways to make a valid pattern on Android lock screen. This problem is equivalent to counting different simple Hamiltonian paths on a graph. Since the number of nodes is small (but big enough so that …
We are given a 7-zip archive that contains a lot of smaller (or bigger?) archives inside it, and inside those archives we have even more archives. And each archive is about 4GB in size. When I open the archive with WinRAR, I noticed that th…
We are given a VirtualBox saved state file. After some Googling on how to recover info from a .sav file, I decided to create a VirtualBox VM and overwrite its .sav file with the given file. So I created an Ubuntu x64 VM and I need to change…
I used HT Editor in ELF image edit mode on Ubuntu to replace the jnz instructions that are used to check our random variables with 31337 with the jo instructions, in detail: 3 - address 0x400fbc, change byte 85 to byte 80 1 - address 0x40…
We are given a set of points, and we need to determine the maximum area a polygon can cover on a 2D plane using those points as vertices. We can easily see (and prove) that the polygon we need to find must contain all of those points, and …
The statement for this problem (provided when we connect to its server): You're given a set of integer numbers x0,x1,...,xn and y. Using parenthesis '(' and ')' and regular arithmetic operations '*','/','+','-' over integer numbers you nee…
Steampunk is great :3 We're given a video file, which is this song by Abney Park but with some car brand logos added. I used Media Player Classic to play that video and then save the frames that contain those logos. Then I snipped the logo…
The original code is here: anarchy golf - the source code I modified it a bit so it will support Python 3 as well without breaking the code. Instead of using the print statement(Py2)/function(Py3), I replace it with __import__('sys').stdou…
My first CTF programming solution without bug :3 (or at least I haven't found any yet :p) When we first connect to the server, we are given a 12-byte string. And in order to prove that we are "not robot", we must reply with a 20-byte strin…
My code is kinda messy and buggy :<. I can fix it, but I would like to keep things like during the contest (sorry for this weird habit :p). So I will outline my ideas from my solution here: For level 0 and 1, I use Google Geocoding API (ht…
Decompile the provided APK file with http://www.decompileandroid.com/, and then open the file MainActivity.java at /com/ctf/vezel, I found this: // Decompiled by Jad v1.5.8e. Copyright 2001 Pavel Kouznetsov. // Jad home page: http://www.ge…
I am a newbie at CTFs so there will be many errors in this writeup. If you found one (or some), please leave a comment or send me an e-mail :D. Thank you :D On the main page we see an upload form, so we can guess that this site has a Local…
I am a newbie at CTFs so there will be many errors in this writeup. If you found one (or some), please leave a comment or send me an e-mail :D. Thank you :D Running the binary with ltrace, I got: junior_guest@ip-172-31-0-234:/home/urand…
I am a newbie at CTFs so there will be many errors in this writeup. If you found one (or some), please leave a comment or send me an e-mail :D. Thank you :D Basic buffer overflow exploitation. We got the following code: #include <stdio.h> #include <stdlib.h>…