
My CTF challenge for SECUINSIDE 2013

May 27, 2013

For those who missed my challenge from SECUINSIDE CTF 2013, “angry_danbi” is here! You can download the binary:

http://115.68.24.145/secu_2013/

A short description for you: this challenge is written in assembly and has some cute tricks for:

– anti Linux-based analysis tools (like gdb, objdump and so on)
– anti-IDA (can’t open the binary in IDA)
– anti-Hex-Rays
– obfuscated instructions
– obfuscation to make Hex-Rays results dumb

Those are only the start. Once you get over those hurdles, you need to figure out a tiny VM inside. Understanding the VM opcodes and leaking some bytes is the first goal. The next is just a stupid file API. The final goal is just a simple overflow. But you will miss something if you rely heavily on Hex-Rays (obfuscation). So, this challenge has 3 stages.

It sounds a bit complicated, but actually it was not, because we had many challenges and we wanted teams to be able to solve all of them during the competition. In the end, 4 teams successfully solved this one.

I’m planning to make a much harder challenge than this one for the finals, since we may have fewer challenges. I hope teams will like it too. :) Catch up at the stage!


2 Comments
  1. Thanks to you, I learned a lot about VMs. Thank you!

