CSAW CTF 2014 is the second CTF contest I've attended ( the first one was the HITCON CTF 2014 ) . Since this is the first time I've actually solved something in the contest, I decide to post my first own writeup .
First the challenge gave us a binary file (ELF for Intel-386). But we can't execute it, cause we don't have the required shared library "libchallengeresponse.so". So we will have to launch IDA Pro to see what's going on within the program.
Similar with Pwn200, Pwn400 gave us a binary file, but no libc.so. Open it with IDA Pro and analyze it, we found some information:
For me, this is a challenge for CTF beginners. Most of the challenges are easy to solve, although some of them require some "imagination"...
In this writeup, I'll post the solutions of all the binary challenges and the misc challenges that I solved in the CTF.
Just another pwn task. Break in!
nc pwnie.2015.volgactf.ru 7777
I solve the challenge after the end of the CTF, because I think this is a great challenge for practicing format string and sprintf BOF vulnerability. Special thanks to Lays for putting the exploit on the trello and let me have time to study the challenge.
Points: 100 (Saw this-1), 400 (Saw this-2)
Survive and get the flag!
Note: This challenge contains two flags, one of them is easier to fetch, the other is harder.
The easier flag will be clearly indicated as "Flag 1", the harder flag as "Flag 2"
nc 18.104.22.168 31337
Category: Baby's First
Wibbly Wobbly Timey Wimey
考量到參與 AIS3 2015 pre-exam 的人幾乎都是台灣人
這個 blog 的第一篇中文 writeup 就獻給這篇了 XD
基本上就是全包這次 exam 的所有題目
Category: Reversing (FTP) & Exploitable (FTP2)
Points: 300 (FTP) & 300 (FTP2)
I hear bots are playing ctfs now.
nc 22.214.171.124 8888