Difference between revisions of "CTF-practice-evening:2014-08-04"
| Line 25: | Line 25: | ||
* What was added between Socks4 and Socks5? (there might be a bug) | * What was added between Socks4 and Socks5? (there might be a bug) | ||
** Authentication and connecting directly to a domain | ** Authentication and connecting directly to a domain | ||
| + | ** Most of the fields are fixed length | ||
| + | ** But the domain name is a string - it could have a buffer overflow | ||
Revision as of 18:54, 4 August 2014
| CTF-practice-evening:2014-08-04 | |
|---|---|
| Date | 2014/08/04 |
| Time | |
| Location | ACTA |
| Type | Workshop |
| Contact | Melanie |
Capture The Flag evening - Part 23
- 4 August, 2014 - 7 PM
- Please bring along a laptop with you!!!
General CTF Info
- See the page for the Ctf-evenings
- Link to the Tech Inc Challenge Website Scoreboard
Binary Exploitation
- Brainsmoke is talking about binary exploitation today
- objdump -d: see the disassembly, sometimes you can see symbols
- This example has mangled C++ symbols
- From running it, the program appears to be a daemon of some kind - a Socks proxy
- This is a proxy for TCP - we can look at the protocol details w/ Google
- netstat -
- What was added between Socks4 and Socks5? (there might be a bug)
- Authentication and connecting directly to a domain
- Most of the fields are fixed length
- But the domain name is a string - it could have a buffer overflow
