Skip to content

Instantly share code, notes, and snippets.

Writeup net300 (ebCTF teaser 2013)

by tsuro and comawill (Stratum 0 https://stratum0.org)

Step 1: Reverse engineering

Here is what the program does:

  • It opens an socket(AF_INET, SOCK_RAW, 0xfe)
  • and waits with an resvmsg for incoming packets
  • each packet will be 'parsed' (extracts source_addr of the packet and skips the remaining part)
  • expexts the first four bytes of the payload as length of payload - 4