6 results tagged ctf
- https://andreafortuna.org/2017/06/25/volatility-my-own-cheatsheet-part-1-image-identification/
- https://andreafortuna.org/2017/07/03/volatility-my-own-cheatsheet-part-2-processes-and-dlls/
- https://andreafortuna.org/2017/07/10/volatility-my-own-cheatsheet-part-3-process-memory/
- https://andreafortuna.org/2017/07/17/volatility-my-own-cheatsheet-part-4-kernel-memory-and-objects/
- https://andreafortuna.org/2017/07/24/volatility-my-own-cheatsheet-part-5-networking/
- https://andreafortuna.org/2017/07/31/volatility-my-own-cheatsheet-part-6-windows-registry/
- https://andreafortuna.org/2017/08/07/volatility-my-own-cheatsheet-part-7-analyze-and-convert-crash-dumps-and-hibernation-files/
- https://andreafortuna.org/2017/08/21/volatility-my-own-cheatsheet-part-8-filesystem/
- https://github.com/volatilityfoundation/volatility
Volatility has not been packaged with Kali since the 2020.4 release, but it can be installed manually.
sudo apt-get install pcregrep libpcre++-dev python-dev
git clone https://github.com/gdabah/distorm.git
cd distorm
sudo python setup.py install
sudo apt-get install yara -y
wget https://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/pycrypto-2.6.1.tar.gz
tar -xvzf pycrypto-2.6.1.tar.gz
cd pycrypto-2.6.1
sudo python setup.py install
wget https://github.com/volatilityfoundation/volatility/archive/refs/tags/2.6.1.tar.gz
tar -xvzf 2.6.1.tar.gz
cd volatility-2.6.1
sudo python setup.py install
Some web challenges require executing /readflag to get the flag. This executable will ask the user to compute some simple math. The timeout is very short, so the intended way to solve it is to write a script. However, there are better ways to solve it:
Solution 1: Trap the SIGALRM signal
$ trap "" 14 && /readflag
Solve the easy challenge first (((((-623343)+(913340))+(-511878))+(791102))-(956792))
input your answer: -387571
ok! here is your flag!!
Solution 2: mkfifo trick
$ mkfifo pipe
$ cat pipe | ./readflag |(read l;read l;echo "$(($l))" > pipe;cat)
input your answer:
ok! here is your flag!!
Ref: https://balsn.tw/ctf_writeup/20190427-*ctf/#solve_readflag-(not-a-challenge)
In the spirit of OpenCourseWare and the Khan Academy, OpenSecurityTraining.info is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long.
An inventory of tools and resources about CyberSecurity.