이번에 코드게이트 Junior에 나가게 되었습니다. BoB 활동을 하느라 CTF를 1년동안 공부하지 못해서, 최근 4달간 엄청난 공부를 하였습니다. 그 결과, 예선에서 약 8~10시간 정도 투자해 8위로 본선에 진출 할 수 있었습니다. WinPwn은 조금 더 잡았으면 풀 수 있었을 것 같은데, 전 날 너무 못 자서 피곤해서 자버렸습니다 .. ㅠ 더 수련해 나가야겠습니다. I participated in CodeGate Junior this year. I didn't study CTF for a year because I was doing BoB activities, so I studied a lot in the last 4 months. As a result, I was able to advance to..

Chall.cpp// Built using Borland C++ 3.0 -- still the best IDE produced by humankind.// //// bcc -v CHALL.CPP //#include int main() { char name[32]; FILE *input = fopen("input.txt", "rt"); FILE *output = fopen("output.txt", "wt"); if (!input) { printf("Error opening input file!"); return 1; } if (!output) { printf("Error opening input file!"); return 1; } fscanf(input, "%[^ ]s..

한국인분들은 아래 KOREAN 부분부터 읽으시면 됩니다. English Hi, I'm part of the DeadSec team this time, and I solved 2 prob on the CTF in a hurry during the BOB project, and one question with a teammate. Even though I solved the 3 prob, I thought it would be good to keep a record of it. PWN Insanity Check (PWN) #include #include #include void rstrip(char* buf, const size_t len) { for (int i = len - 1; i >= 0; i--) ..

ENGLISH 1. Rockstar There are 72 functions, and we don't need to do the inverse operation. The first part of the flag is always 'flag{' and we only need to know the first 8 bytes to get the rest very quickly 2. Savage Fibonacci sequences can be optimized with DP 3. Crispy Chicken Attack (CCA) This problem is solvable if we know r. Since we can't decrypt flag directly, we can decrypt flag by mult..

ENGLISH Recovery 802.11 After extracting the key with AirCrack, enter it into wireshark Decrypt Key and you should see something like this double canary Since one of the double canaries is on top of the buf, we only need to leak the real one with a put. The stack structure is Double Canary -> Buf -> Real Canary. from pwn import * e = ELF('./double_canary') libc = ELF('./libc.so.6') #p = process(..