Challenge: Holiday Hack 2022. Part 1. — I’ve just completed the SANS Holiday Hack Challenge for 2022, I thought it was a lot of fun this year! Here is my write up. Challenge 1 of this CTF was simply obtaining your personal crypto wallet address and key, which is done as a part of the orientation. Challenge 2 — Wireshark Practice In…

Challenge: Impossible Password — Category: reverse engineering We are given a file called “impossible_password.bin”. Using xxd, I looked at the header of the file and found out that it was actually an ELF which meant that it could be executed. …

Challenge: WebNet0 — Category: Forensics We are given a Wireshark packet capture file called “capture.pcap” and an RSA key called “picopico.key”. When you open capture.pcap in Wireshark you see a TLS stream that is likely to hold the flag somewhere in it. When you follow the TLS stream, you can tell that it’s…

Challenge: Investigative Reversing 3 — Category: reverse engineering and forensics We are given a binary called “mystery” and an image named “encoded.bmp”. When I opened mystery in IDA, I saw that three files were being opened, two that are being read from (flag.txt and original.bmp) and one that is being appended to (encoded.bmp). …

Challenge: messy-malloc — Category: binary exploitation We are given a binary and it’s source code called “auth” and “auth.c”. By looking at auth.c, you can tell that this program is essentially a simple authentication program. …