[TRACS 2021 - RE] Coffre

Intro Epreuve 12-3 – Coffre En tant que stagiaire vous avez accès aux locaux de la NSB. Vous allez collecter des informations dans les locaux. Un coffre est présent dans les locaux en salle rideau. Il appartient à Richard Cresus de la Tune. Essayez d’ouvrir ce coffre. Quel est l’IBAN contenu dans le coffre ? Format de la réponse : IBAN sans séparateur. Basically, we have to crack open an electronic safe.
Read full post gblog_arrow_right

[Hack.lu 2021 - pwn] Cloudinspect

CloudInspect CloundInpect was a hypervisor exploitation challenge I did for the Hack.lu event. I didn’t succeed to flag it within the 48 hours :(. But anyway I hope this write up will be interesting to read! The related files can be found right here After Whiterock released it’s trading bot cloud with special Stonks Sockets another hedge fund, Castel, comes with some competition. The special feature here is called “cloudinspect”.
Read full post gblog_arrow_right

[ASIS CTF QUALS 2021 - pwn] abbr & justpwnit

Hello folks ! Here is a write up for the two first pwn challenges of the ASIS CTF. You can find the related files here. justpwnit justpwnit was a warmup pwn challenge. That’s only a basic stack overflow. The binary is statically linked and here is the checksec’s output: [*] '/home/nasm/justpwnit' Arch: amd64-64-little RELRO: Partial RELRO Stack: No canary found NX: NX enabled PIE: No PIE (0x400000) Morever the source code is provided as it is the case for all the pwn tasks !
Read full post gblog_arrow_right

[FCSC 2021 - pwn] Blind Date

Blind Date (489 pts) Une société souhaite créer un service en ligne protégeant les informations de ses clients. Pouvez-vous leur montrer qu’elle n’est pas sûre en lisant le fichier flag.txt sur leur serveur ? Les gérants de cette société n’ont pas souhaité vous donner ni le code source de leur solution, ni le binaire compilé, mais ils vous proposent uniquement un accès distant à leur service.
Read full post gblog_arrow_right

[FCSC 2021 - pwn] Itsy Mipsy router

Itsy Mipsy Router (200 pts) Itsy Mipsy Router is a pwn challenge I did during the FCSC event. It’s not a very hard challenge but I found it very interesting because it was my first mips pwn challenge ! Setup So basically we got this: On vous demander d’auditer un routeur à l’interface entre Internet et un réseau interne d’une entreprise. Le client vous demande si il est possible de lire les fichiers stockés sur la machine filer qui sert de serveur de fichiers HTTP.
Read full post gblog_arrow_right

[UnionCTF 2021 - pwn] babyrarf

The binary can be found right here. [UnionCTF] Babyrarf Welcome guys, This Write-Up is about de first pwn challenge of unionctf: babyrarf. It was a really easy challenge with a stack based buffer overflow. The source code was provided so, no need to reverse the binary :). Let’s take a look at the src! #include <stdio.h>#include <stdlib.h>#include <stdint.h>#include <unistd.h> typedef struct attack { uint64_t id; uint64_t dmg; } attack; typedef struct character { char name[10]; int health; } character; uint8_t score; int read_int(){ char buf[10]; fgets(buf, 10, stdin); return atoi(buf); } void get_shell(){ execve("/bin/sh", NULL, NULL); } attack choose_attack(){ attack a; int id; puts("Choose an attack:\n"); puts("1.
Read full post gblog_arrow_right

About

I’m a french security enthusiast focused on low level stuff especially on binary exploitation / analysis and on kernel stuff. If you have any questions about what I write on my blog, feel free to DM me on discord: nasm#1307. Doing CTF’s for ret2school, + pwn / RE / kernel. Engineering student at ESIEA.