rand0m Posted September 8, 2017
So how is everyone going with it?
kao Posted September 8, 2017
I'm on #9 and I know that a few other members are playing. But all in all the forum is unusually quiet this year.
rand0m Posted September 8, 2017
I'm wondering if people use plain gdb or if scripts like this are popular: https://github.com/longld/peda
kao Posted September 8, 2017
For the boat game? I didn't use any Linux debugger whatsoever. If I really had to - I'd use IDA with Linux debugger server. But I'm sure that everyone has his/her favorite tools.
Futex Posted September 8, 2017
I'm on it too, I started the 5th challenge.
Eskalina Posted September 8, 2017
Hello guys. Can somebody help me with the 10th task? I'm really stuck on it. I have recovered some bytes of the key (in particular the 1st, 25th, 26th and 27th), identified the set of characters that can be used at positions in the key, and found the expected length of the key (64b). I was trying to reverse the algorithm and trying to create a system of XOR equations, but all to no avail.
Extreme Coders Posted September 9, 2017
22 hours ago, rand0m said: I'm wondering if people use plain gdb or if scripts like this are popular: https://github.com/longld/peda
Vanilla gdb is cumbersome to use. As such, I tend to use pwngdb or gef when the need arises, but again there is no replacement for IDA. Started the challenges late. Currently, on the 5th one.
rand0m Posted September 9, 2017
1 minute ago, Extreme Coders said: Vanilla gdb is cumbersome to use. As such, I tend to use pwngdb or gef when the need arises, but again there is no replacement for IDA. Started the challenges late. Currently, on the 5th one.
Yeah I switched to IDA in the end. I'm still at level 6.
kao Posted September 9, 2017
@Eskalina: I'm at pretty much the same place, so no suggestions yet. There must be a better way than sheer bruteforce.
EDIT: there's no substitute for human eyes. I made a semi-interactive tool which allowed me to cycle through all possible sets of chars for each byte and printed the first 320 bytes decoded. In a few minutes I was able to recover the correct key.
Edited September 9, 2017 by kao
Eskalina Posted September 9, 2017
@kao You're right, I decided this. 10/12 completed.
Aldhard Oswine Posted September 9, 2017
Any tips for the 9th challenge? If not just analyzing the whole AVR disassembly via IDA?
rand0m Posted September 9, 2017
In level 6, I got one letter of the flag from a certain function. Does the same function decrypt the rest of the flag, or should I be looking for other functions to call?
rand0m Posted September 10, 2017
6 hours ago, rand0m said: In level 6, I got one letter of the flag from a certain function. Does the same function decrypt the rest of the flag, or should I be looking for other functions to call?
Never mind, figured it out.
kao Posted September 10, 2017
@Aldhard Oswine: IDA is sufficient. With a bit of skill and a trained eye you will recognize the check and then you can reimplement it in any language you like. Or you can use Atmel Studio, if you wish to debug it.
Eskalina Posted September 10, 2017
@Aldhard Oswine Another way, you can use a bunch of radare2+simavr+gdb. IDA makes errors in calculating addresses of instructions.
Aldhard Oswine Posted September 10, 2017
Using Atmel and debugging it was easy. I need your help in the 10th challenge, any suggestions for the crypto? How to get the correct function from the encoded data, how to get the correct input?
endered Posted September 12, 2017
I've been stuck at challenge 5 for two days, still have no idea what to do with the number sequence I got in the last round.
crystalboy Posted September 12, 2017
@endered
Spoiler: Start by replacing the 'PEW' string with an empty string. When you play you fill the grid to sink the ships. At the end of each level the various 'X' together represent a letter. At the end of the challenge you get these numbers that are the order in which you need to sort those letters. When you sort them out and you perform ROT-13 on the sorted string you will get something readable.
Edited September 12, 2017 by crystalboy
Aldhard Oswine Posted September 12, 2017
@crystalboy what about 10th? Is there a better way than brute force?
crystalboy Posted September 12, 2017
@Aldhard Oswine Unfortunately I am taking it slowly and I haven't reached level 10 yet. Considering kao's hint, by the way, it seems that you need a smart bruteforcer.
On 9/9/2017 at 8:19 AM, kao said: I made a semi-interactive tool which allowed me to cycle through all possible sets of chars for each byte and printed the first 320 bytes decoded. In a few minutes I was able to recover the correct key.
endered Posted September 12, 2017
@crystalboy Thanks for your help, I forgot that encryption. I got something readable but still meaningless after decrypting, continuing to look and trying to find the answer.
rand0m Posted September 14, 2017
Is there a better Java debugger than JDB?
quend Posted September 14, 2017
#11.... >.< getting caught up in the first decryption part. Any suggestions?
grau Posted September 17, 2017
Got stuck on challenge 4. Can't decrypt with key.bin.
SmilingWolf Posted September 17, 2017
Suggestions:
Spoiler:
@quend any more details you can offer? What's not working? I have found that some challenges sometimes require a little nudge to go in the right direction.
@grau I couldn't find the last required item (assuming it ever existed EDIT: whelps, it exists, I was damn blind), so I ended up forcing the program a bit in the right direction. If you have done everything right, 3/4 of the key are all you need to get the flag.
I have seen a number of people doing something like this on Twitter, am I doing it right?
Edited September 17, 2017 by SmilingWolf