CTF

Squnity CTF writeups (Jan-10-2019)

Squnity (an arab infosec community) organized a CTF on the 10th of January 2019. It had really interesting challenges. And although I wasn’t able to participate, I downloaded the binaries and took screenshots of the challenges to take a look at them later. Here are the ones I solved: 👇 Read more…

ago
CTF

SalusLab – RE challenge for beginners

This time we have a Reverse Code Engineering challenge . This challenge is really useful for beginners who like to jump head-first into RCE. Challenge info: (link to challenge) . The file provided is called “basic_re”, and has no extension. Lets check in a text editor or hex editor to Read more…

ago
CTF

SalusLab Web challenge

Challenge info: (link to facebook post) This is a multistep challenge.. Step 1 Lets visit that link. We find a simple web page with a form Lets type anything and submit.. (I typed 0xbahaa) It tells us to send the “var” in a POST request. We notice our input (0xbahaa) Read more…

ago
CTF

SalusLab MQTT challenge

Challenge info It’s pretty obvious that this is a script written in the python interpreter’s interactive mode. Here is the commented code for better explanation: >>> import base64 #importing base64 library >>> msg = msg + " "+ base64.b64encode(data) #encoding "data" in base64 #then adding it to local variable "msg" Read more…

ago
CTF

SqunityCTF[5] Old Style

This is the challenge description: Inside the zip file, we got 2 EXEcutables. Lets check the 1st one first . 1st EXE: Lets try to find information about this EXE file without running it. This is called Static analysis. First, use PEiD and EXEinfo PE. Nothing. But if we check Read more…

ago
CTF

SqunityCTF[4] Abusing

Hmmmm.. this time we got a sound file (.mp3). And the description says it’s about something old. Lets check it out.. If we play the sound file, we will notice instantly that it is Morse code. If you don’t know what that is, check out this explanatory video. Ok, how Read more…

ago
CTF

SqunityCTF[3] d3cod3 m3

What do we have here? It says “web server”, and the filename is “c99.zip”, so maybe it’s a PHP shell or something? Inside the zip, there is a PHP file. Let’s check what’s in it. (using notepad++ ) Hmm… some obfuscated PHP code. How do I know it’s obfuscated? Well, Read more…

ago
CTF

SqunityCTF[2] Zoom Eye

This is the data provided: I suppose we’ll be searching for something hidden. We’re given a compressed file “invokeme.7z” (note the filename)… Inside, there is an image file (9.81 MB in size, pretty big). I’m pretty confident at this point that this is a steganography challenge. The challenge description said Read more…

ago
CTF

SqunityCTF[1] $script kiddie

We’re provided with a zip-file “script.zip” (note the filename !!) Inside it is an EXE file; also named “script.exe” Once we extract it, we see the file’s icon… looks familiar? yup!! it’s an autoIt script, compiled into an EXE.. hence the file names containing the word “script” To be 100% Read more…

ago