Anti-instrumentation techniques: I know you’re there, Frida!

Some days ago, due to a task I’m still doing, I started using Frida. At first glance, it is a great option, specially the Python bindings, to develop quick scripts to instrument a program. It’s multi-platform, multi-arch, it has binding for Python, Node.js and .NET and many other benefits. After some days of usage, I… Continue reading Anti-instrumentation techniques: I know you’re there, Frida!

H4CK1T CTF 2016 Quals – Mexico Pentest – 150 pts – Write-up

Those who know me are aware that I don’t like web challenges. However, this time I decided to try it out. We were provided with the following information: Our foreign partners have some problems with qualified staff in the field of information technology, we decided to help them and to conduct remote testing of their… Continue reading H4CK1T CTF 2016 Quals – Mexico Pentest – 150 pts – Write-up

H4CK1T CTF 2016 Quals – Argentina – r34n1m4710n – 100 pts – Write-up

This was an easy challenge. This were the instructions: Recover the password. h4ck1t{} We were provided with a .pcap file named top_secret_39af3e3ce5a5d5bc915749267d92ba43.pcap As I said, the task was very simple. I opened the file with Wireshark and did a manual examination of the packets, till I found a very suspicious FTP packet 🙂 flag: h4ck1t{i_G07_ur_f1l3s}  

H4CK1T CTF 2016 Quals – Quiz Peru 10 pts – Madagascar Decode 3 10 pts – Cote d’Ivoire Internet 10 pts and more – Write-up

These were some very easy challenges from H4CK1T CTF 2016 Qualification Round Quiz Peru 10 pts Decode it: 68 101 99 105 109 97 108 h4ck1t{decode} Solution using Python: >>> s = “68 101 99 105 109 97 108″ >>> ”.join([chr(int(x)) for x in s.split(” “)]) Flag is: h4ck1t{Decimal} Madagascar Decode 3 10 pts What… Continue reading H4CK1T CTF 2016 Quals – Quiz Peru 10 pts – Madagascar Decode 3 10 pts – Cote d’Ivoire Internet 10 pts and more – Write-up

H4CK1T CTF 2016 Quals – Hex0gator – Paraguay – 250 – PPC – Write-up

This was an easy challenge but a tedious one. This was the provided information: EN: All Experts of The Silver Shield Project can’t decipher the intercepted data. Who knows, maybe you can do it? and a file named 100_00edb54bed7e46bd5cdb7c06059881c2 was also provided to us. Basically, it is a .zip file that, once you extract it, it contains… Continue reading H4CK1T CTF 2016 Quals – Hex0gator – Paraguay – 250 – PPC – Write-up

H4CK1T CTF 2016 Quals – PhParanoid – Malaysia – 225 – Rever$e – Write-up

This was a funny challenge. Here’s the information we got: I am so paranoid! I try to hide everything from this mad world! I have already obfuscated my calculator sources, my javascript site sources and I`m not going to stop! And u will never know what I hide, haha! And we were provided with a… Continue reading H4CK1T CTF 2016 Quals – PhParanoid – Malaysia – 225 – Rever$e – Write-up

H4CK1T CTF 2016 Quals – Crypt00perator – Ethiopia – 95 – Rever$e – Write-up

This was an easy challenge, we had the following information: Long time ago one security module has been written. But for now its sources have been missed somehow. We have forgotten th3 access k3y, which, as we remember, has been hardcoded inside the module. Help us to recollect th3 k3y!11 We were provided with a binary named crypt0_0perator_56e0a9f07f54b3634ab5cc2b30e5b29e.exe zulma@palermo:~/Downloads$… Continue reading H4CK1T CTF 2016 Quals – Crypt00perator – Ethiopia – 95 – Rever$e – Write-up

CSAW CTF 2016 Qualification Round – Crypto Sleeping Guard 50 pts

At least for me, this wasn’t an easy challenge mostly because I went for the wrong way for a few hours. It was a trial and error challenge 🙂 We were given with the following sentence and a file named “sleeping_dist.py“: Only true hackers can see the image in this magic PNG…. nc crypto.chal.csaw.io 8000 Author:… Continue reading CSAW CTF 2016 Qualification Round – Crypto Sleeping Guard 50 pts