Jump to content
Tuts 4 You

Recommended Posts

Posted
  On 10/3/2024 at 4:39 PM, NativeBridge said:

Anybody can help with ch3 ? i need to create file to match the yara rule ? dont understand what to do 

Expand  

Yes. You need to discover data that would trigger the Yara rule.

  • Like 1
Posted
  On 10/3/2024 at 3:01 PM, cl4whands said:

does challenge 6 require to guess an input string that should be hashed?

Expand  
  Reveal hidden contents

 

  • Like 1
Posted

Hi, anyone can help me with 5?

  Reveal hidden contents

 

  • Like 1
Posted
  On 10/4/2024 at 1:35 PM, AUP said:
  Reveal hidden contents

 

Expand  

I'm stuck on #6 as well.   I could use a hint/nudge.  Thanks!

  • Like 1
NativeBridge
Posted

Any hint to ch5 sshd ? 

  • Like 1
Posted

Any hint on the chall 2? I have pass the first operations easily. But can't understand how to find the hex checksum for the chacha20 decryption.

 

  • Like 1
Posted
  On 10/6/2024 at 9:14 AM, JimJ1m said:

Any hint on the chall 2? I have pass the first operations easily. But can't understand how to find the hex checksum for the chacha20 decryption.

 

Expand  
  Reveal hidden contents

 

  • Like 1
Posted
  On 10/5/2024 at 6:34 AM, M.b said:

Hi, anyone can help me with 5?

  Reveal hidden contents

 

Expand  
  Reveal hidden contents

 

  • Like 1
Posted (edited)

Hi, could I get a small nudge for challenge 7 (fullspeed)? I believe I've reversed everything and am able to communicate successfully with the unmodified binary. But the used crypto seems to be secure (tried many attacks for a day) so no idea how to extract the flag from the .pcap.

Update: Got it! Had all the requisite information already but putting it together wasn't easy for me although in hindsight it is very obvious. (as always)

Edited by RevEnjoyer
Update
  • Like 1
Posted (edited)

Never mind! I wanted some help on level 2, but I was able to figure it out.

Edited by AmyBrooklin
I was able to figure it out.
  • Like 1
Posted
  On 10/6/2024 at 1:45 PM, RevEnjoyer said:

Hi, could I get a small nudge for challenge 7 (fullspeed)? I believe I've reversed everything and am able to communicate successfully with the unmodified binary. But the used crypto seems to be secure (tried many attacks for a day) so no idea how to extract the flag from the .pcap.

Expand  
  Reveal hidden contents

 

  • Like 2
Posted

I'm new to CTF and kinda stuck at chall 2. All I can make out of from the decompiled program is that it involves chacha20-poly1305 encryption and there are two other main functions. Can anyone pls drop a hint?

  • Like 1
Posted

Any hint on challenge 6? I'm browsing and trying to follow the code for a while now.
It looks very complicated, and I think I probably just don't know how to approach this.
I obviously have never seen verilog before in my life😅

  • Like 1
Posted

Anyone can help me with 6?i really don't know how to understand what I'm reading 

  • Like 1
Posted

6 is just a PITA. 

  Reveal hidden contents

 

  • Like 1
Posted

Hint for 6

  Reveal hidden contents

 

  • Like 1
  • Haha 2
Posted

Any hint for chall3? I'm able to get most of the char thanks to constants values xored or added, but unable to find the rest, there is too much possibilities.

  • Like 1
Posted

need sanity check on challenge 7 (fullspeed)

  Reveal hidden contents

 

  • Like 1
Posted

I'm so stuck on challenge 5 :( Please can someone help me? I think I need it explaining like I'm a child 🤣

  • Like 1
understated1
Posted

Hi guys I'm new to Reverse engineering CTF and at got stuck totally at chall 2.

i saw the code via ghidra and noe it has chacha20-poly1305 encryption somewhere nd there is 2 main functions. Can anyone pls drop a hint what to do next as i wont be able to go forward any more then? pls help !

  • Like 1
Posted

Any hint on #7?

  Reveal hidden contents

 

  • Like 1
Posted (edited)

@JimJ1m

  Reveal hidden contents

@cl4whands, @xdbruh1234

  Reveal hidden contents

@understated1

  Reveal hidden contents

@James7349

  Reveal hidden contents
Edited by Washi
  • Like 1
Posted (edited)

More interested about your setups for challenge 5.

  • Is it possible to dump the shellcode from gdb?
    I did and while I can see the shellcode in gdb it doesn't appear in the disassembler (tried with IDA Free). In the dump that section is all byte 0.
  • Is it possible to connect the disassembler to the running gdb with the core file?

I managed to find the shellcode and extract what I think to be the encrypted RSA blob (0x200 bytes), additionally extracted e and N from the RSA structure, unfortunately cannot decrypt the blob. (the RSA part I think is only to verify the key signature so nothing to decrypt I guess).

Happy to bounce ideas here or in DM if anyone is interested. Thank you!

Edited by Peter
  • Like 1
Posted (edited)
  Reveal hidden contents

 

Edited by xdbruh1234
  • Like 1
Posted (edited)

ch5 is quite hard

Edited by Marie
i'm done
  • Like 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...