Reverse Engineering — Castors CTF 2020

Mapping

main_main function
main_apply function
Input all printable character as password
the mapped value from all printable characacters
import base64flag=[0x65,0x48,0x70,0x7a,0x64,0x47,0x39,0x79,0x63,0x31,0x68,0x58,0x51,0x58,0x74,0x70,0x59,0x6c,0x38,0x30,0x63,0x6a,0x46,0x75,0x4d,0x6d,0x67,0x78,0x4e,0x44,0x59,0x31,0x62,0x6c,0x38,0x30,0x4d,0x58,0x6c,0x6f,0x4d,0x46,0x38,0x32,0x4d,0x6c,0x39,0x35,0x4d,0x44,0x51,0x30,0x4d,0x48,0x4a,0x66,0x4e,0x47,0x51,0x78,0x62,0x6c,0x39,0x69,0x4e,0x58,0x56,0x79,0x4d,0x6e,0x30,0x3d]
tmp=[0x35,0x36,0x37,0x30,0x31,0x32,0x33,0x34,0x38,0x39,0x7a,0x79,0x78,0x6a,0x6b,0x6c,0x6d,0x64,0x65,0x66,0x67,0x68,0x69,0x6e,0x6f,0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x63,0x62,0x61,0x5a,0x59,0x58,0x46,0x47,0x41,0x42,0x48,0x4f,0x50,0x43,0x44,0x45,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x49,0x4a,0x4b,0x4e,0x4d,0x4c]
alpha=list('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
dicti=dict(zip(tmp,alpha))
flag=base64.b64decode(''.join(map(chr,flag)))
result=""
for i in flag:
try:
result+=dicti[ord(i)]
except Exception as e:
result+=i
print result

Ransom

main_main function
main_getSeed function
traffic.pcapng
main_send function
traffic.pcapng
1. Creating fake web server with return value 1337 if the request using GET method and return "ok" if the request using POST method
2. Debugging binary to ensure that we give true logic on comparation
sudo ifconfig lo:40 192.168.0.2 netmask 255.255.255.0 up
flag.png

Octopus

0x00008dc200008fc2    0x0000a4c20000a3c2
0x0000a2c200009dc2 0x0000adc20000a3c2
0x000089c2000096c2 0x000090c20000a3c2
0x00009cc2000089c2 0x000096c2000083c2
0x00009cc200009ac2 0x0000a5c2000089c2
0x00009bc2000089c2 0x000000000000a4c2
main_main function ( new binary )

Thank You!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
kosong

kosong

38 Followers

CTF Player | Currently learning about Reverse Engineering and Cryptography