@parksjin01
Last active March 10, 2017 08:25
CSAW 2012 Writeup

exploitation1-release

  • If we open the ELF file with gdb, we can find the string AAAAAAAAAAAAAAAAAAAAAAAAAA, and we can guess that it is the correct password.
  • Password (not the flag): AAAAAAAAAAAAAAAAAAAAAAAAAA

telnet.pcap

  • The traffic is not encrypted, so we can read the packets easily.
  • The computer's user ID is csaw and the password is welcome to 1969

challenge2

  • The program has an FSB (format string bug).
  • Using the FSB and backdoor shellcode, you can get the flag.

lemieux

  • The pcap file is really large; however, with Wireshark's filter function we can find the target packet.
  • The flag is in the packet that starts with Si.
  • Flag: brooklyn beat box

version1, version2

  • These two PNG files have exactly the same image content, but their file sizes are different. Weird!
  • I tried to open them, but the PIL module couldn't open them, so I tried opening them with a hex editor.
  • There are many tEXt chunks in each file. I googled it a little bit and found it's related to a CRC error problem.
  • If you check the tEXt chunks with the pngcheck tool, some of the text chunks produce errors.
  • In version1 only one chunk produces an error, and it's the flag.
  • In version2 only one text chunk is correct and all the others produce errors, so the one correct chunk is the flag.
  • version1's flag: takeuchi gregory
  • version2's flag: johnnie tigger
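
The CRC check that pngcheck performs on each tEXt chunk, written out as an added example (not part of the original gist): every PNG chunk ends with a CRC-32 over its type and data, so the chunk whose CRC status differs from the rest stands out. The sample PNG and its text values are constructed here, and `make_chunk`, `text_chunk_report` and `odd_one_out` are hypothetical helper names.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def make_chunk(ctype, data, corrupt=False):
    """Build one PNG chunk; corrupt=True stores a deliberately wrong CRC."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    if corrupt:
        crc ^= 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def text_chunk_report(png):
    """Return [(keyword, text, crc_ok)] for every tEXt chunk in the PNG bytes."""
    if png[:8] != PNG_SIG:
        raise ValueError("not a PNG file")
    out, pos = [], 8
    while pos + 12 <= len(png):
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        ctype = png[pos + 4:pos + 8]
        end = pos + 8 + length
        if end + 4 > len(png):
            raise ValueError("truncated chunk at offset %d" % pos)
        data = png[pos + 8:end]
        (stored,) = struct.unpack(">I", png[end:end + 4])
        # The CRC covers the chunk type and data, not the length field.
        ok = stored == (zlib.crc32(ctype + data) & 0xFFFFFFFF)
        if ctype == b"tEXt":
            keyword, _, text = data.partition(b"\x00")
            out.append((keyword.decode("latin-1"), text.decode("latin-1"), ok))
        if ctype == b"IEND":
            break
        pos = end + 4
    return out

def odd_one_out(report):
    """Return the tEXt chunks whose CRC status is in the minority."""
    bad = [r for r in report if not r[2]]
    good = [r for r in report if r[2]]
    return bad if len(bad) <= len(good) else good

# Constructed 1x1 grayscale PNG with three tEXt chunks, one with a bad CRC.
IHDR = make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
IDAT = make_chunk(b"IDAT", zlib.compress(b"\x00\x00"))
SAMPLE = (PNG_SIG + IHDR
          + make_chunk(b"tEXt", b"Comment\x00decoy one")
          + make_chunk(b"tEXt", b"Comment\x00constructed flag", corrupt=True)
          + make_chunk(b"tEXt", b"Comment\x00decoy two")
          + IDAT + make_chunk(b"IEND", b""))

if __name__ == "__main__":
    for kw, text, ok in text_chunk_report(SAMPLE):
        print("OK " if ok else "BAD", kw, text)
```

`odd_one_out` covers both files described above: it returns the single failing chunk when most CRCs are valid (the version1 case) and the single valid chunk when most fail (the version2 case).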

core

  • As the problem file name suggests, the file is a Linux x64 core dump.
  • I tried to open it with a hex editor and could find the key.
  • Flag: this_should_be_pretty_hard_unless_you_use_grep