Making pwn challenges

This is a collection of tips and tricks I have discovered while working for FHICTF.

External sources

https://github.com/pwning/docs/blob/master/suggestions-for-running-a-ctf.markdown

Buffers

The “Suggestions for running a CTF” document by PPP suggested using either xinetd or fork/accept in the binary itself for running remote challenges. When I joined FHICTF, there was one example pwn challenge, which used socat in Docker. Because this seemed to work fine, I have not yet looked into the differences and possible problems with our approach.

One issue we have had was that when doing the...

Hacking fingerprints

One of my favorite TV shows ever is Mr. Robot. It is commonly praised for its remarkably realistic hacks. But despite my eternal love for it, and the realism of a lot of the hacks, I had many questions when I did my 4th rewatch of the series. In S4E5, Darlene and Elliot break into Virtual Realty. Through a combination of social engineering and technical attacks on physical security systems, they get into the server room. Most of this was done in the 40 minutes that their hack on the...