Hackim Nullcon CTF – OSINT4

Hackim Nullcon CTF – OSINT4

ID-10-T Team     In this challenge they give us an ip address and we have to exploit a configuration flaw, to return the control to the legitimate owners. The first thing, scan the ports for this IP address:   nmap -sS 54.85.105.103 Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-11 13:08 EST Nmap scan report for ec2-54-85-105-103.compute-1.amazonaws.com (54.85.105.103) Host is up (0.18s latency). Not shown: 998 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http Nmap done:…

Leer más Leer más

Codegate CTF 2018 Preliminary – Welcome to droid

Codegate CTF 2018 Preliminary – Welcome to droid

This  test provides us an APK file through this link, called droid.apk. Analysis The first thing we do is install it on a genymotion android virtual machine, and execute it:   If we click next, pass to following challenge:   At this stage, if we click, it returns an error message. Then, we open it with jadx-gui  and analyze it. We see that there are several classes in the com.example.puing.a2018codegatepackage: These classes give us a hint as to the order in which…

Leer más Leer más

NullCon CTF: Reverse Level 5 (500 points)

NullCon CTF: Reverse Level 5 (500 points)

The first thing I did was making a static analysis. When you open the executable with IDA Pro, the first thing you see is the WinMain function: Analyzing the first function of WinMain (Sub_401250), you can see that it contains anti-debug mechanisms, so when the program is run, it will have put a break point and change EIP value for skip this function: Once I saw what the first function did, I went to the second function of WinMain (sub_401110), the first thing…

Leer más Leer más