This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var hexToAscii = function(input){ | |
| var hex = input.toString(); | |
| var str = ''; | |
| for (var i = 0; i < hex.length; i += 2) | |
| str += String.fromCharCode(parseInt(hex.substr(i, 2), 16)); | |
| return str; | |
| } | |
komen205
/ gist:aa415acaa2fbb3a086904cc420a8b323
Created
November 20, 2022 10:04
SquareCTF 2022 Yara Challenge "Yet Another Reversing Activity"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ``` | |
| Create removed.txt file | |
| 5F 39 | |
| 33 5F | |
| F8 99 | |
| 53 34 | |
| F8 83 | |
| 9A F7 | |
| DD EE | |
| 5C 6F |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| emoji hunt: | |
| flag{emojis_more_like_free_cloud_storage} | |
| step 1. Copy all images https://squarectf.slack.com/customize/emoji?utm_source=in-prod&utm_medium=inprod-customize_link-slack_menu-click | |
| step 2. follow https://gist.github.com/tobek/a17fa9101d7e28ddad26 | |
| step 3. use tab save and download all images | |
| step 4. and you get the flag exiftool . | grep -i "fl " | |
| Fl 1 : ag | |
| Fl 1 : ag | |
| Fl 7 : re | |
| Fl 7 : re |
komen205
/ gist:8b60daa7a28302743b3a8ba17f363c3e
Created
September 14, 2022 22:47
CSAW CTF Qualification Round 2022 - GAME reverse
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| By connecting to the server we see that it requires one or more inputs, when the input is something like 1 then 1. We encounter a door which requires a password. Now we can look at the binary file. | |
| I used Ghidra to decompile the file at first, then only later used IDA. First, by looking at the strings we can see some strings that we saw on the server output. I traced them back and found this method. | |
| https://imgur.com/AijEsVe | |
| It is interesting that the function call has an unusual name “fnv_1a_32”. If we search this on google the first search is a wikipedia page “Fowler–Noll–Vo hash function”. | |
| https://imgur.com/NYkjCRm |
komen205
/ gist:c1374b96eb0158a96d682995f79157b4
Created
September 3, 2022 11:47
— forked from pazdera/gist:1121315
Brute-force string generation in Python (optimized for printable characters only)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # Brute-force string generation | |
| # Copyright (C) 2011 Radek Pazdera | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation, either version 3 of the License, or | |
| # (at your option) any later version. |