picoCTF 2022: forensics – Operation Oni

Ulli Weichert/ April 5, 2022/ IT-Security, Write-Ups/ 0Kommentare

Operation Oni Description Download this disk image, find the key and log into the remote machine. Note: if you are using the webshell, download and extract the disk image into /tmp not your home directory. Download disk image Remote machine: ssh -i key_file -p 60303 ctf-player@saturn.picoctf.net Solving Mounting the disk image (it is a msdos mbr partition… whole disk) Create

Weiterlesen

picoCTF 2022: forensics – Lookey here

Ulli Weichert/ April 5, 2022/ IT-Security, Write-Ups/ 0Kommentare

Lookey here Description Attackers have hidden information in a very large mass of data in the past, maybe they are still doing it. Download the data here. Solving Download File Cat File | grep picoCTF* You also can grep directly with grep -o "picoCTF{.*}" Feel free to use the getflag script. #!/bin/bash echo "Getting flag for you…" grep -o "picoCTF{.*}"

Weiterlesen

picoCTF 2022: binary-exploitation – bufferoverflow1

Ulli Weichert/ April 5, 2022/ IT-Security, Write-Ups/ 0Kommentare

buffer overflow 1 Description Control the return address Now we’re cooking! You can overflow the buffer and return to the flag function in the program. You can view source here. And connect with it using nc saturn.picoctf.net 51721 Info The links could be different.. the instance will be different (you have to launch your own in CTF) Solving This is

Weiterlesen