I played Harekaze Mini CTF 2020 for about 3 hours this weekend. The pwn challenges were nice (I especially enjoyed nm-game-extreme
). Here are some short writeups.
The program just tells you to provide shellcode that will execute execve("/bin/sh", NULL, NULL)
. It gives you the address of the "/bin/sh" string, so you just create shellcode to do the job and send it:
#!/usr/bin/env python3
from pwn import *
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is a collection of NFO templates from various PSP Crack / Warez Groups | |
--- 4Fun | |
▄▀ ▄▄█▓▄ ____________________ __________ ▄▓█▄▄ ▀▄ | |
▐█ ███▀██▓▄ / | \_ _____/ | \ \@TiLK ▄▓██▀███ █▌ | |
▓██▀ ░▐█▓▓ / | || __) | | / | \ ▓▓█▌░ ▀██▓ | |
▀█▓ ░▐█▓▌ / ^ / \ | | / | \ ▐▓█▌░ ▓█▀ | |
▀▀ ▄██▓ \____ |\___ / |______/\____|__ / ▓██▄ ▀▀ | |
▄██▓▀ ▄▀ |__| \/ \/ ▀▄ ▀▓██▄ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import numpy as np | |
class error(Exception): pass | |
class GaussJordan(): | |
def __init__(self,x,y): | |
self.m = x | |
self.n = y | |
self.matrix = [[ 0 for i in range(x)] for j in range(y)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import os | |
import sys | |
import paramiko | |
class SSHClient: | |
def __init__(self,hostname, port, username, password): | |
self._port = port |
Aditional note: This is a translated version of the original project gist.github.com/st98/memo.md
We participated as Bok Team omakase. The final score was 173 points and the team was ranked 24th (out of 505 teams). We solved the problems on days 1 to 14, 21 to 22 and 25.
'0x41444354465f57334c43304d335f37305f414443374632303134'.match(/[0-9a-f]{2}/g).map(function(c){return String.fromCharCode(parseInt(c, 16))}).join('');
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#define MAX_SIZE 50 | |
typedef struct { | |
int key; | |
char name[MAX_SIZE]; | |
char departament[MAX_SIZE]; | |
char category[MAX_SIZE]; | |
float antiquity; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from z3 import * | |
import struct | |
# calculate e,f,d for a given input password | |
def calc(m): | |
e = 0 | |
f = 0 | |
d = 0 | |
for i in xrange(0, len(m)): | |
c = ord(m[i]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
int main ( int argc, char** argvs ) { | |
int a = -127; | |
int b = 4; | |
int mod_ = a % b; | |
int mod_alt_a = a - b * ( a / b ); | |
// mod_alt works as alternative to modulo | |
int mod_alt = a & ( b - 1 ); |
OlderNewer