BlazeCTF 2016 writeups

Hi

I particpated in blazectf in my free time with irGeeks team and seems we got 2nd place at the end. Here you can see some of my brief writeups.

dmail

Dmail was a pwnable task which has plenty of security mechanisms enabled:

gdb-peda$ checksec 
CANARY    : ENABLED
FORTIFY   : disabled
NX ...
more…

PlaidCTF 2016 Pwnable butterfly writeup

Hi

last weekend I enjoyed alot in 2~3 hours free time at Plaidctf 2016. Here you can see pwnable butterfly writeup.

We are given a pwnable x86-64 binary with following information:

[email protected]:~/ctf/plaid2016/pwn/butterfly$ file butterfly_33e86bcc2f0a21d57970dc6907867bed 
butterfly_33e86bcc2f0a21d57970dc6907867bed: ELF 64-bit LSB  executable, x86-64, version 1 (SYSV), dynamically ...
more…

VolgaCTF 4 writeups, 3*pwn + 1*admin

Hi all,

I participated in VolgaCTF with irGeeks Team. You can see some brief writeups and solutions below.

Web of Science - 250 pts

gdb-peda$ checksec 
CANARY    : ENABLED
FORTIFY   : disabled
NX        : disabled
PIE       : disabled
RELRO     : Partial

As we can see NX is disabled. so we can use stack frame pointer to ...

more…

ISCISC 2015 CTF Step3 Writeup

Hi all,

So it's time to write a little about iscisc 2015 ransomware quests, due to lack of time i just write a brief writeup, so i can update it soon. this is a related link to the contest.

We are given an archive named final-stp.7z, decompressing it ...

more…

Sharif CTF Exploiting Sweet Write-Up (200p)

Hey,

another write-up. It is about second Sharif CTF exploting that called Sweet and had 200 Point.

Like the previous one it requires one arguement to specify port number.

Let me ...

# ls
sweet.tar.gz
# tar zxf sweet.tar.gz 
# ls
sweet  sweet.tar.gz
# chmod +x sweet
# ./sweet 8888 ...
more…

Sharif CTF exploiting mellow Write-Up (100p)

Hi all,

At this post i'm going to explain about Sharif's 100 Point exploiting CTF that called 'Mellow'. Mellow seems to be a server written in c. It requires an argument which specify the port number.

# ls
mellow.tar.gz
# tar zxf mellow.tar.gz 
# ls
mellow  mellow ...
more…

IRDev

Hi all,

For those who trying to get access to latest version of IRDev + GUI :

you can download irdev_0.0.1_armel.deb from the following link :

irdev_0.0.1_armel.deb

Checksums-Sha1: 21321468dd46dcae252c6f70607231ebf1790610 37380 irdev_0.0.1_armel.deb

Checksums-Sha256: f1a52b5fff6f01ca4c85ec1efce111d9962522fdbdf66d22e165cb914456ad52 37380 irdev_0.0.1_armel.deb

Source code is under GPLv2 license ...

more…

Starting

Hi all,

It seems nothing satisfies me than blogging at this time ;)

I recently decided to blogging again, and maybe my little experiences would be useful for someone's researches.

So Welcome to my little corner ;)

Regards,

Hamid Zamani

more…