CTF

Squnity CTF writeups (Jan-10-2019)

Squnity (an Arab infosec community) organized a CTF on the 10th of January 2019. It had really interesting challenges. Although I wasn't able to participate, I downloaded the binaries and took screenshots of the challenges to take a look at them later. Here are the ones I solved: Read more…


SalusLab – RE challenge for beginners

This time we have a Reverse Code Engineering challenge. This challenge is really useful for beginners who like to jump head-first into RCE. Challenge info: (link to challenge). The file provided is called "basic_re", and has no extension. Let's check in a text editor or hex editor to Read more…


SalusLab Web challenge

Challenge info: (link to Facebook post). This is a multistep challenge. Step 1: Let's visit that link. We find a simple web page with a form. Let's type anything and submit (I typed 0xbahaa). It tells us to send the "var" in a POST request. We notice our input (0xbahaa) Read more…


SalusLab MQTT challenge

Challenge info: It's pretty obvious that this is a script written in the Python interpreter's interactive mode. Here is the commented code for better explanation: >>> import base64 #importing base64 library >>> msg = msg + " "+ base64.b64encode(data) #encoding "data" in base64 #then adding it to local variable "msg" Read more…


SqunityCTF[5] Old Style

This is the challenge description: Inside the zip file, we got 2 executables. Let's check the 1st one first. 1st EXE: Let's try to find information about this EXE file without running it. This is called static analysis. First, use PEiD and EXEinfo PE. Nothing. But if we check Read more…


SqunityCTF[4] Abusing

Hmmmm... this time we got a sound file (.mp3). And the description says it's about something old. Let's check it out. If we play the sound file, we will notice instantly that it is Morse code. If you don't know what that is, check out this explanatory video. Ok, how Read more…


SqunityCTF[3] d3cod3 m3

What do we have here? It says "web server", and the filename is "c99.zip", so maybe it's a PHP shell or something? Inside the zip, there is a PHP file. Let's check what's in it (using Notepad++). Hmm... some obfuscated PHP code. How do I know it's obfuscated? Well, Read more…


SqunityCTF[2] Zoom Eye

This is the data provided: I suppose we'll be searching for something hidden. We're given a compressed file "invokeme.7z" (note the filename)... Inside, there is an image file (9.81 MB in size, pretty big). I'm pretty confident at this point that this is a steganography challenge. The challenge description said Read more…


SqunityCTF[1] $script kiddie

We're provided with a zip file "script.zip" (note the filename!!). Inside it is an EXE file, also named "script.exe". Once we extract it, we see the file's icon... looks familiar? Yup!! It's an AutoIt script, compiled into an EXE, hence the file names containing the word "script". To be 100% Read more…
