ctfallday Posted July 4, 2017 Posted July 4, 2017 On 6/17/2017 at 9:56 PM, crystalboy said: @Etor Madiv Reveal hidden contents You should just be faster. You can send it or just copy and paste it on the website but you must be fast! Expand Thanks! Solved it! This probably was my favorite challenge do date!
pivskid Posted July 5, 2017 Posted July 5, 2017 Can anyone give a hint at doc2. I think I know what to do and I get the following key Reveal hidden contents PAN{63g8db85T83F} but it is wrong . Can anyone tell if it is just me not getting the ascii art correct or if I have misunderstood the task. Thanks!
crystalboy Posted July 5, 2017 Author Posted July 5, 2017 @pivskid Reveal hidden contents Yes you didn't get the ascii correctly. Some of your characters are wrong. To correct them you can reference to this website: http://patorjk.com/
pivskid Posted July 6, 2017 Posted July 6, 2017 Thanks crystalboy! Finally, got the right key Does anyone know how to programatically extract the key for the xor'ing? the key that is overwritten on document open? I tried oletools and oledump to no avail but maybe there is another way...
ctfallday Posted July 6, 2017 Posted July 6, 2017 (edited) Any hints of mobile 2? I figured out what file is looking for, pretty sure how many chars it is looking for in that file; 29, but not sure what it is doing after that. I tried strace to see if the response is different if a character matches, but that doesnt seem to be the case... kinda stuck. I have been trying to use gdb-multiarch and radare2, but cant really debug the program. I also tried NOPing out the ptrace... Thanks! Edited July 6, 2017 by ctfallday
ctfallday Posted July 9, 2017 Posted July 9, 2017 is the second binary from rev 1 a ping binary? just want to make sure i didnt miss anything.
akkaldama Posted July 9, 2017 Posted July 9, 2017 @ctfallday It decrypts something, keep debugging. Regards, akkaldama.
Rurik Posted July 10, 2017 Posted July 10, 2017 On 7/6/2017 at 3:28 PM, ctfallday said: Any hints of mobile 2? I figured out what file is looking for, pretty sure how many chars it is looking for in that file; 29, but not sure what it is doing after that. I tried strace to see if the response is different if a character matches, but that doesnt seem to be the case... kinda stuck. I have been trying to use gdb-multiarch and radare2, but cant really debug the program. I also tried NOPing out the ptrace... Thanks! Expand It's in there. You got the first part done, you're just overlooking the rest somewhere. I did it in QEMU-MIPS with gdb.
ctfallday Posted July 10, 2017 Posted July 10, 2017 (edited) On 7/10/2017 at 5:38 PM, Rurik said: It's in there. You got the first part done, you're just overlooking the rest somewhere. I did it in QEMU-MIPS with gdb. Expand Thanks Rurik... i had tried doing that, but the stack and all pointers come up as blank of gdb for some reason. for some reason, i have having issues with reading process memory no matter which debugger i am using. sudo or not. Edited July 10, 2017 by ctfallday
akkaldama Posted July 16, 2017 Posted July 16, 2017 Any hints on docs4? Got the first macro, i have edited to set the resolution.. etc as per the calculation value, got the xor encrypted content from pos 83012 but stuck at the the xor decryption as it gives invalid .doc file based on my language settings. Regards, akkaldama
kirby Posted July 17, 2017 Posted July 17, 2017 Any hints for binary 3? Reveal hidden contents I've got to the part where it needs some 64 bytes in the host's clipboard, but I can't work out what it wants.
tec Posted July 20, 2017 Posted July 20, 2017 On 7/16/2017 at 8:01 AM, akkaldama said: Any hints on docs4? Got the first macro, i have edited to set the resolution.. etc as per the calculation value, got the xor encrypted content from pos 83012 but stuck at the the xor decryption as it gives invalid .doc file based on my language settings. Regards, akkaldama Expand Wrong offset! There are system calls other than resolution. Try all combinations of parameters. 1
tec Posted July 20, 2017 Posted July 20, 2017 On 7/17/2017 at 7:21 PM, kirby said: Any hints for binary 3? Reveal hidden contents I've got to the part where it needs some 64 bytes in the host's clipboard, but I can't work out what it wants. Expand Reveal hidden contents There are some byte wise conversion along with redundant (repeated) computations. Then the comparison after the whole loop. It is related to the text produced earlier.
evandrix Posted July 20, 2017 Posted July 20, 2017 anyone who has completed http://mi22ionimp0cible.com:8080 ... pm me pls, need help
re_sigh Posted July 25, 2017 Posted July 25, 2017 For anyone that was having issues with Programming #3 - write up is here: http://blog.seekintoo.com/labyrenth-2017-3d-maze-writeup.html
Downpour Posted July 25, 2017 Posted July 25, 2017 (edited) This is a nice writeup for the binary challenges which goes more into detail than necessary in my opinion but still really good: https://fevral.github.io/ and congrats to everyone who solved the challenges! Edited July 25, 2017 by Castor
akkaldama Posted August 4, 2017 Posted August 4, 2017 Winners has been announced https://researchcenter.paloaltonetworks.com/2017/08/unit42-labyrenth-ctf-2017-winners/ 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now