Difference between revisions of "CTF-practice-evening:2014-07-07"
| Line 30: | Line 30: | ||
* Look closer (50 points) | * Look closer (50 points) | ||
** We got a rar file that is actually a jpeg | ** We got a rar file that is actually a jpeg | ||
| + | ** If you look at the jpg file, you can see the flag | ||
| + | * Break me (100 points) | ||
| + | ** | ||
Revision as of 18:22, 7 July 2014
| CTF-practice-evening:2014-07-07 | |
|---|---|
| Date | 2014/07/07 |
| Time | |
| Location | ACTA |
| Type | Workshop |
| Contact | Melanie |
Capture The Flag evening - Part 21
- 7 July, 2014 - 7 PM
- Please bring along a laptop with you!!!
General CTF Info
- See the page for the Ctf-evenings
- Link to the Tech Inc Challenge Website Scoreboard
Pwnium CTF Retrospective
- Dimitris is discussing the challenges solved by Team Knuffelhackers in the Pwnium CTF last weekend
- Kernel land (150 points):
- Static binary - Dimitris loaded it into QEMU
- When he runs it it produces ticks - the hint: the flag is on the 3rd ticket
- He added a debugger to the VM
- He put a breakpoint on timer tick - and there's also a variable called 'flag'
- He needed to add the symbols to GDB
- He single stepped through the "ticks" , through the 3rd tick, and then examine the flag variable in memory at Tick 3
- USB is fun (100 points):
- We're given a pcap file with a USB transaction
- He was able to find the flag just by running strings on it!
- Look closer (50 points)
- We got a rar file that is actually a jpeg
- If you look at the jpg file, you can see the flag
- Break me (100 points)
