ctfallday Posted July 4, 2017 Share Posted July 4, 2017 On 6/17/2017 at 5:56 PM, crystalboy said: @Etor Madiv Reveal hidden contents You should just be faster. You can send it or just copy and paste it on the website but you must be fast! Thanks! Solved it! This probably was my favorite challenge do date! Link to comment Share on other sites More sharing options...
pivskid Posted July 5, 2017 Share Posted July 5, 2017 Can anyone give a hint at doc2. I think I know what to do and I get the following key Spoiler PAN{63g8db85T83F} but it is wrong . Can anyone tell if it is just me not getting the ascii art correct or if I have misunderstood the task. Thanks! Link to comment Share on other sites More sharing options...
crystalboy Posted July 5, 2017 Author Share Posted July 5, 2017 @pivskid Spoiler Yes you didn't get the ascii correctly. Some of your characters are wrong. To correct them you can reference to this website: http://patorjk.com/ Link to comment Share on other sites More sharing options...
pivskid Posted July 6, 2017 Share Posted July 6, 2017 Thanks crystalboy! Finally, got the right key Does anyone know how to programatically extract the key for the xor'ing? the key that is overwritten on document open? I tried oletools and oledump to no avail but maybe there is another way... Link to comment Share on other sites More sharing options...
ctfallday Posted July 6, 2017 Share Posted July 6, 2017 (edited) Any hints of mobile 2? I figured out what file is looking for, pretty sure how many chars it is looking for in that file; 29, but not sure what it is doing after that. I tried strace to see if the response is different if a character matches, but that doesnt seem to be the case... kinda stuck. I have been trying to use gdb-multiarch and radare2, but cant really debug the program. I also tried NOPing out the ptrace... Thanks! Edited July 6, 2017 by ctfallday Link to comment Share on other sites More sharing options...
ctfallday Posted July 9, 2017 Share Posted July 9, 2017 is the second binary from rev 1 a ping binary? just want to make sure i didnt miss anything. Link to comment Share on other sites More sharing options...
akkaldama Posted July 9, 2017 Share Posted July 9, 2017 @ctfallday It decrypts something, keep debugging. Regards, akkaldama. Link to comment Share on other sites More sharing options...
Rurik Posted July 10, 2017 Share Posted July 10, 2017 On 7/6/2017 at 11:28 AM, ctfallday said: Any hints of mobile 2? I figured out what file is looking for, pretty sure how many chars it is looking for in that file; 29, but not sure what it is doing after that. I tried strace to see if the response is different if a character matches, but that doesnt seem to be the case... kinda stuck. I have been trying to use gdb-multiarch and radare2, but cant really debug the program. I also tried NOPing out the ptrace... Thanks! It's in there. You got the first part done, you're just overlooking the rest somewhere. I did it in QEMU-MIPS with gdb. Link to comment Share on other sites More sharing options...
ctfallday Posted July 10, 2017 Share Posted July 10, 2017 (edited) 3 hours ago, Rurik said: It's in there. You got the first part done, you're just overlooking the rest somewhere. I did it in QEMU-MIPS with gdb. Thanks Rurik... i had tried doing that, but the stack and all pointers come up as blank of gdb for some reason. for some reason, i have having issues with reading process memory no matter which debugger i am using. sudo or not. Edited July 10, 2017 by ctfallday Link to comment Share on other sites More sharing options...
akkaldama Posted July 16, 2017 Share Posted July 16, 2017 Any hints on docs4? Got the first macro, i have edited to set the resolution.. etc as per the calculation value, got the xor encrypted content from pos 83012 but stuck at the the xor decryption as it gives invalid .doc file based on my language settings. Regards, akkaldama Link to comment Share on other sites More sharing options...
kirby Posted July 17, 2017 Share Posted July 17, 2017 Any hints for binary 3? Spoiler I've got to the part where it needs some 64 bytes in the host's clipboard, but I can't work out what it wants. Link to comment Share on other sites More sharing options...
tec Posted July 20, 2017 Share Posted July 20, 2017 On 2017/7/16 at 4:01 PM, akkaldama said: Any hints on docs4? Got the first macro, i have edited to set the resolution.. etc as per the calculation value, got the xor encrypted content from pos 83012 but stuck at the the xor decryption as it gives invalid .doc file based on my language settings. Regards, akkaldama Wrong offset! There are system calls other than resolution. Try all combinations of parameters. 1 Link to comment Share on other sites More sharing options...
tec Posted July 20, 2017 Share Posted July 20, 2017 On 2017/7/18 at 3:21 AM, kirby said: Any hints for binary 3? Reveal hidden contents I've got to the part where it needs some 64 bytes in the host's clipboard, but I can't work out what it wants. Spoiler There are some byte wise conversion along with redundant (repeated) computations. Then the comparison after the whole loop. It is related to the text produced earlier. Link to comment Share on other sites More sharing options...
evandrix Posted July 20, 2017 Share Posted July 20, 2017 anyone who has completed http://mi22ionimp0cible.com:8080 ... pm me pls, need help Link to comment Share on other sites More sharing options...
evandrix Posted July 23, 2017 Share Posted July 23, 2017 nvm...solved Link to comment Share on other sites More sharing options...
re_sigh Posted July 25, 2017 Share Posted July 25, 2017 For anyone that was having issues with Programming #3 - write up is here: http://blog.seekintoo.com/labyrenth-2017-3d-maze-writeup.html Link to comment Share on other sites More sharing options...
Downpour Posted July 25, 2017 Share Posted July 25, 2017 (edited) This is a nice writeup for the binary challenges which goes more into detail than necessary in my opinion but still really good: https://fevral.github.io/ and congrats to everyone who solved the challenges! Edited July 25, 2017 by Castor Link to comment Share on other sites More sharing options...
akkaldama Posted August 4, 2017 Share Posted August 4, 2017 Winners has been announced https://researchcenter.paloaltonetworks.com/2017/08/unit42-labyrenth-ctf-2017-winners/ 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now