Category: reverse engineering

We are given a file called “impossible_password.bin”. Using xxd, I looked at the header of the file and found out that it was actually an ELF which meant that it could be executed. …

Category: Forensics

We are given a Wireshark packet capture file called “capture.pcap” and an RSA key called “picopico.key”. When you open capture.pcap in Wireshark you see a TLS stream that is likely to hold the flag somewhere in it.

When you follow the TLS stream, you can tell that it’s…

Category: reverse engineering and forensics

We are given a binary called “mystery” and an image named “encoded.bmp”. When I opened mystery in IDA, I saw that three files were being opened, two that are being read from (flag.txt and original.bmp) and one that is being appended to (encoded.bmp). …

Category: binary exploitation

We are given a binary and it’s source code called “auth” and “auth.c”. By looking at auth.c, you can tell that this program is essentially a simple authentication program. …

Category: reverse engineering

We are given a binary called “otp” and a text file called “flag.txt”. If you execute otp, you will notice that you need to pass a key as an argument in order for the program to run. When I opened otp in IDA, I saw that this…

Category: reverse engineering

We are given java source code called “VaultDoor6.java”. Inside this file there is a password system, where if you input the correct password (or the flag) an “Access granted” message will be printed. …