Difference between revisions of "CTF-practice-evening:2014-03-24"
| Line 27: | Line 27: | ||
*** The kernel needs to tell where the binary starts | *** The kernel needs to tell where the binary starts | ||
** You could also use IDA, but that's overkill for this binary | ** You could also use IDA, but that's overkill for this binary | ||
| + | * If you run it with strace, you see a list of signals and system calls | ||
| + | |||
= Next CTF Competition = | = Next CTF Competition = | ||
Revision as of 19:38, 24 March 2014
| CTF-practice-evening:2014-03-24 | |
|---|---|
| Date | 2014/03/24 |
| Time | |
| Location | ACTA |
| Type | Workshop |
| Contact | Melanie |
Contents
Capture The Flag evening - Part 11
- 24 March, 2014 - 7 PM
- Please bring along a laptop with you!!!
General CTF Info
- See the page for the Ctf-evenings
- Link to the Tech Inc Challenge Website Scoreboard
Walkthrough: Minibomb
- Brainsmoke is explaining how he solved the challenge 'Minibomb' during the Codegate CTF
- Minibomb is a small setuid binary
- This is probably a handmade binary written in assembler, Linux ELF, 32 bit
- You can see the ELF header if you use file or hexdump
- For more information about the ELF header (including the binary entry point, memory pages being loaded, executable text, etc..), you can use readelf
- Objdump allows us to disassemble the binary
- It's a static binary - there's no dynamic loader
- Dynamic binaries have an interpreter section, with more LD-* things that need to be resolved
- The kernel needs to tell where the binary starts
- You could also use IDA, but that's overkill for this binary
- If you run it with strace, you see a list of signals and system calls
Next CTF Competition
- We are having a look at:https://ctftime.org/event/list/upcoming
