parksjin01/CSAW 2014 writeup.md

Last active April 7, 2017 13:00

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/parksjin01/12d056072043c9471945329408142b3b.js"></script>
Save parksjin01/12d056072043c9471945329408142b3b to your computer and use it in GitHub Desktop.

Download ZIP

CSAW 2014 writeup

Raw

CSAW 2014 writeup.md

pcap.pcapng

File is really big, there are 26365 packets in pcap file.
There are telnet packet in here and there are flag
FLAG: flag{bigdataisaproblemnotasolution}

Not-NYSEC

Googling informal security meetup, we can find many meetups as result.
Just enter all of them
Answer: CitySec

Shameless_plug

Googling new USENIX workshop for education 14
Answer: 3GSE '14

We do not know either

On this day in November this part in question we can guess answer is a date.
Googling csaw career fair 2014, enter facebook page
I thought answer was 13 but look carefully CSAW2014 event is start at 13 and career fair is start at second day
Answer: 14

geohot-pls

Answer: livectf

pop-pop

pop eip/rip instruction is same as ret instruction

dumpster-diving

You don't have to check all of datas in dump file
Just check strings which contain flag
FLAG: {cd69b4957f06cd818d7bf3d61980e291}

Why-not-sftp

First I thought answer was password and passw0rd
It was wrong, in this packet there are zip file.
Extract zip file and unzip it we can get flag
FLAG: {91e02cd2b8621d0c05197f645668c5c4}

CSAW-reversing2

I think it's easier than 100 score prob
I just change asm instruction of jmp to nop.
Flag: {reversing_is_not_that_hard!}

bo

It's just reversing problem I think.
Use strings command to find flag
Flag: flag{exploitation_is_easy!}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment