Hacking
A place for posts on system hacking, security issues, CTF write-ups, introductions to exploit techniques, and Dreamhack solutions.

TBTL 2024 CTF - Pwn From Past (4 solved) writeup
Chall.cpp // Built using Borland C++ 3.0 -- still the best IDE produced by humankind.// //// bcc -v CHALL.CPP //#include int main() { char name[32]; FILE *input = fopen("input.txt", "rt"); FILE *output = fopen("output.txt", "wt"); if (!input) { printf("Error opening input file!"); return 1; } if (!output) { printf("Error opening input file!"); return 1; } fscanf(input, "%[^ ]s..
2024.05.13

2024 IRIS CTF Write UP - 35th place
Korean readers can start reading from the KOREAN section below. English Hi, I'm part of the DeadSec team this time, and I solved 2 prob on the CTF in a hurry during the BOB project, and one question with a teammate. Even though I solved the 3 prob, I thought it would be good to keep a record of it. PWN Insanity Check (PWN) #include #include #include void rstrip(char* buf, const size_t len) { for (int i = len - 1; i >= 0; i--) ..
2024.01.14

2023 Hacking Championship WriteUp - 2nd place
ENGLISH 1. Rockstar There are 72 functions, and we don't need to do the inverse operation. The first part of the flag is always 'flag{' and we only need to know the first 8 bytes to get the rest very quickly 2. Savage Fibonacci sequences can be optimized with DP 3. Crispy Chicken Attack (CCA) This problem is solvable if we know r. Since we can't decrypt flag directly, we can decrypt flag by mult..
2023.11.22

2023 JBU CTF WriteUP
ENGLISH Recovery 802.11 After extracting the key with AirCrack, enter it into wireshark Decrypt Key and you should see something like this double canary Since one of the double canaries is on top of the buf, we only need to leak the real one with a put. The stack structure is Double Canary -> Buf -> Real Canary. from pwn import * e = ELF('./double_canary') libc = ELF('./libc.so.6') #p = process(..
2023.11.21