Difference between revisions of "CTF-practice-evening:2014-08-04"

From Technologia Incognita
Jump to: navigation, search
Line 20: Line 20:
 
* objdump -d: see the disassembly, sometimes you can see symbols
 
* objdump -d: see the disassembly, sometimes you can see symbols
 
** This example has mangled C++ symbols
 
** This example has mangled C++ symbols
* The program appears to be a daemon of some kind - a Socks proxy
+
* From running it, the program appears to be a daemon of some kind - a Socks proxy
 
** This is a proxy for TCP - we can look at the protocol details w/ Google
 
** This is a proxy for TCP - we can look at the protocol details w/ Google
 
** netstat -
 
** netstat -
 
* What was added between Socks4 and Socks5?  (there might be a bug)
 
* What was added between Socks4 and Socks5?  (there might be a bug)
 
** Authentication and connecting directly to a domain
 
** Authentication and connecting directly to a domain

Revision as of 18:54, 4 August 2014

CTF-practice-evening:2014-08-04
Date 2014/08/04
Time
Location ACTA
Type Workshop
Contact Melanie

Capture The Flag evening - Part 23

  • 4 August, 2014 - 7 PM
  • Please bring along a laptop with you!!!

General CTF Info

Binary Exploitation

  • Brainsmoke is talking about binary exploitation today
  • objdump -d: see the disassembly, sometimes you can see symbols
    • This example has mangled C++ symbols
  • From running it, the program appears to be a daemon of some kind - a Socks proxy
    • This is a proxy for TCP - we can look at the protocol details w/ Google
    • netstat -
  • What was added between Socks4 and Socks5? (there might be a bug)
    • Authentication and connecting directly to a domain