spikeroot@home:~$

  • (Reverse - FCSC 2024) PTSD (both parts)

    TL;DR: Reverse engineering of a custom network protocol based on an Elliptic Curve Diffie-Hellman (ECDH) key exchange with AES-GCM encryption + exploitation of an integer overflow in the implementation of the protocol to impersonate a client with a replay attack. First part: PTSD - Init Description (in French): Vous vous êtes...

  • (Forensics - CCCampCTF 2023) live-forensics

    TL;DR: Analysis of a dropper Linux malware. Description: We have detected suspicious network traffic originating from one of our servers. Could you assist us in investigating this? Hopefully, we won’t become the next victim of the Iron Oxide Infiltrators! Introduction We are given SSH access, with root permissions, to a...

  • (Reverse - imaginaryCTF 2023) Sheepish

    TL;DR: Obfuscated Python code using lambda calculus. Description: Mary had a flagchecker, its fleece was white as snow. Introduction We are given a Python script, consisting of a single line of ~26k characters, with lots of lambda functions. The full script is available here, see the beginning and the end of...