CTF
問題 問題文 Come check out our finest selection of quills! app.rb Author: JoshDaBosh 問題概要 Ruby 製の Web アプリケーションフレームワークである sinatra を用いた Web アプリケーションのソースコード (app.rb) と 実際に動作する Web アプリケー…
問題 問題文 Can you generate a valid product key for the validation program in /problems/keygen-me-1_1_8eb35cc7858ff1d2f55d30e5428f30a7 問題概要 x86のELFファイルが与えられる. 解答例 指針 Cutter で解析 解説 wget コマンドで問題ファイルを取っ…
問題 問題文 The duck puns continue. Can you crack, I mean quack this program as well? You can find the program in /problems/quackme-up_2_bf9649c854a2615a35ccdc3660a31602 on the shell server. 問題概要 x86のELFファイルが与えられる. 解答例 指…
問題 問題文 You find this when searching for some music, which leads you to be-quick-or-be-dead-1. Can you run it fast enough? You can also find the executable in /problems/be-quick-or-be-dead-1_3_aeb48854203a88fb1da963f41ae06a1c. 問題概要…
問題 問題文 The image link appears broken... https://2019shell1.picoctf.com/problem/59857 or http://2019shell1.picoctf.com:59857 解答例 指針 頑張って JavaScript のコードを読む pngファイルの signature の値からkeyの候補を狭める 解説 与えられ…
問題 問題文 What does asm3(0xd46c9935,0xdfe28722,0xb335450f) return? Submit the flag as a hexadecimal value (starting with '0x'). NOTE: Your submission for this question will NOT be in the normal flag format. Source located in the director…
問題 問題文 Psst, Agent 513, now that you're an employee of Evil Empire Co., try to get their secrets off the company website. https://2019shell1.picoctf.com/problem/45012/ (link) Can you first find the secret code they assigned to you? or…
問題 問題文 Can you break into this super secure portal? https://2019shell1.picoctf.com/problem/32255/ (link) or http://2019shell1.picoctf.com:32255 Hints: What is obfuscation? 解答例 指針 js-beautify Chrome DevTools 解説 問題文で与えられ…
問題 問題文 This program prints any input you give it. Can you leak the flag? Connect with nc 2018shell.picoctf.com 3981. Source. Hints: If only the program used puts... 解答例 指針 format string attack による stack の読み込み 解説 与えら…
問題 問題文 James Brahm, James Bond's less-franchised cousin, has left his secure communication with HQ running, but we couldn't find a way to steal his agent identification code. Can you? Conect with nc 2018shell2.picoctf.com 37131. Sourc…
問題 問題文 As you enjoy this music even more, another executable be-quick-or-be-dead-2 shows up. Can you run this fast enough too? You can also find the executable in /problems/be-quick-or-be-dead-2_2_7e92e9cc48bad623da1c215c192bc919. Hin…
問題 問題文 This program gives you the address of some system calls. Can you get a shell? You can find the program in /problems/got-2-learn-libc_3_6e9881e9ff61c814aafaf92921e88e33 on the shell server. Source. Hints try returning to systems…
問題 問題文 Alright, this time you'll need to control some arguments. Can you get the flag from this program? You can find it in /problems/buffer-overflow-2_4_ca1cb0da49310dd45c811348a235d257 on the shell server. Source. Hints Try using gd…
問題 問題文 It's 1996 all over again! nc 35.207.132.47 22227 Difficulty estimate: very easy 問題概要 x86_64 の ELF ファイルとそのソースコードおよびそのプログラムが動いている接続先が与えられる. 解答例 指針 buffer overflow による return addr…
問題 問題文 Fun with flags: http://35.207.169.47 Flag is at /flag Difficulty estimate: Easy 問題概要 脆弱性のあるWebサービスの URL が与えられる. 解答例 指針 ディレクトリトラバーサル 解説 HTTP_ACCEPT_LANGUAGE の値に応じた国旗を表示するサー…
問題 問題文 This program executes any input you give it. Can you get a shell? You can find the program in /problems/shellcode_2_0caa0f1860741079dd0a66ccf032c5f4 on the shell server. Source. Hints Maybe try writing some shellcode? You also …
問題 問題文 Can you deal with the Duck Web? Get us the flag from this program. You can also find the program in /problems/quackme_1_374d85dc071ada50a08b36597288bcfd. Hints: Objdump or something similar is probably a good place to start. 問…
問題 問題文 Can you authenticate to this service and get the flag? Connect with nc 2018shell2.picoctf.com 23685. Source. Hints: Are all the system calls being used safely? Some people can have reallllllly long names you know.. 問題概要 脆…
問題 問題文 Okay now you're cooking! This time can you overflow the buffer and return to the flag function in this program? You can find it in /problems/buffer-overflow-1_1_8a16ff6a1b3cfb2e42c08d9090051a5d on the shell server. Source. Hint…
問題 問題文 Rick and morty played with the configurations of the portal gun and accidentally got stuck in this picture. Help us get them out. GottaGoDeeper.png 問題概要 png ファイルが与えられる. 解答例 指針 binwalk + 青空白猫 解説 与えられ…
問題 問題文 Let's start off simple, can you overflow the right buffer in this program to get the flag? You can also find it in /problems/buffer-overflow-0_2_aab3d2a22456675a9f9c29783b256a3d on the shell server. Source. Hints How can you tr…
問題 問題文 Can you utlize stdin, stdout, and stderr to get the flag from this program? You can also find it in /problems/in-out-error_4_c51f68457d8543c835331292b7f332d2 on the shell server Hints Maybe you can split the stdout and stderr o…
問題 問題文 We recovered some data. It was labeled as RSA, but what in the world are dq and dp Can you decrypt the ciphertext for us 問題概要 解答例 指針 中国人剰余定理 解説 与えられたファイルの中身を表示してみる. $ cat RSA.txt c: 95272795…
問題 問題文 It is not maybe so perfect. Hints: Use the golden math! crypto200.zip ※問題ファイルは下記のものを利用できる。 https://github.com/ctfs/write-ups-2015/tree/master/ekoparty-pre-ctf-2015/crypto/perfect-security 問題概要 暗号処理を…
問題 問題文 Ps and Qs Decrypt it. update: we fixed the flag, please try to submit again. psqs1-0dd2921c9fbdb738e51639801f64164dd144d0771011a1dc3d55da6fbcb0fa02.zip (pass:seccon2017) 問題ファイルは下記のリンクのものを利用できる。 https://gi…
問題 問題文 I used to be a hero. Now I can't even handle this: Mitschnitt Hints: We messed up, the flag starts with 34C4 not 34C3, sorry! 問題概要 音声ファイルが与えられる。 解答例 指針 やるだけ 解説 与えられた ogg ファイルを VLC で再生速…
問題 問題文 Can you reverse engineer this code and get the flag? This code is ARM Thumb 2 code which runs on an STM32F103CBT6. You should not need such a controller to solve this challenge. There are 5 stages in total which share all the s…
問題 問題文 I implemented some crypto and encrypted my secret: 03_duCbr5e_i_rY_or cou14:L4G f313_Th_etrph00 Wh03UBl_oo?n07!_e Can you get it back? 問題概要 暗号化処理をする Python3 スクリプトと暗号文が与えられる。 平文を復号せよ。 解答例 …
問題 問題文 Fady assumed this time that you will be so n00b to tell what encryption he is using he send the following note to his friend in plain sight : p=0xa6055ec186de51800ddd6fcbf0192384ff42d707a55f57af4fcfb0d1dc7bd97055e8275cd4b78ec63…