[Web] Bugs Bunny CTF – LQI_X 140

LQI_X 140 Its for your , login and get all you need task : http://34.253.165.46/LQI_X/ Author: TnMch We have login form so lets start by doing some tests with curl at the GET parameter username: Nothing seems to be Changing lets try with password: Wow a custom error message? they must be filtering some characters … Continue reading [Web] Bugs Bunny CTF – LQI_X 140

Advertisements

[Reverse] Bugs Bunny CTF – Rev100

Starting to open our executable file on IDA: There is some weird shit going around but we can see a function i_am_debugged() which leads you to exit the program if you running the program on a debugger like gdb or even IDA, there is alot of calls as you can see in the assembly code … Continue reading [Reverse] Bugs Bunny CTF – Rev100

Trend Micro Online Qualifier – Misc 200

https://mega.nz/#!1hFXCApD!0oq_bFqbnaPsquuOySg4TSIYjPemVjzWWNqfg8OJ0WI openssl enc -d -aes-256-cbc -k KfRdN3YhyaMhAzLftsSw -in files22.enc -out files22.zip unzip files22.zip Find the LTE bands supported by this device, for example if the device suports the bands 1,2,3 the flag will be TMCTF{1,2,3}. This one was a bit confusing at first, after some searching about LTE on google I found this http://andmem.blogspot.pt/2013/11/mobilebandchange.html#chapter-10 (it's … Continue reading Trend Micro Online Qualifier – Misc 200

Ofensive 100 – CTF Trend Micro Online Qualifier 2016

Find the flag. https://www.mediafire.com/?3x3m94598518054 openssl enc -d -aes-256-cbc -k x0nSTZ9NrDgvCnqKhL9y -in files1.enc -out files1.zip unzip files1.zip After unzipping the file I found strange it was a hta file extension which I never heard off, but after analyzing the code it was just some html and javascript. Some of the JavaScript code was minimized so I … Continue reading Ofensive 100 – CTF Trend Micro Online Qualifier 2016