There's no flood, but I'm awesome! Yeah! https://chokyuwon.github.io/ CCE 2020 Qualification Writeup - Use meet-in-the-middle attack. from Crypto.Cipher import AES import hashlib ENCRYPTED = b'\xA5\xD1\xDB\x88\xFD\x34\xC6\x46\x0C\xF0\xC9\x55\x0F\xDB\x61\x9E\xB9\x17\xD7\x0B\xC8\x3D\xE5\x1B\x09\x71\xAE\x5F\x1C\xB5\xC7\x2C\xC5\x3F\x5A\xA7\xFB\xED\x63\xE6\xAD\x04\x0D\x16\xF6\x33\x16\x01' memo1 = [] memo2 = [] def Check(buf, ml, cl): if ml != cl: for ch in range(0,100): buf[cl] = ch Check(buf, ml, cl+1) return for ch in range(0,100): buf[cl] = ch tmpBuf = bytes(buf) print(buf) aes1 =... Tue, 06 Oct 2020 00:00:00 -0700 https://chokyuwon.github.io/2020-10-06-we_can_meet_in_the_park/ https://chokyuwon.github.io/2020-10-06-we_can_meet_in_the_park/ Whitehat Grand Prix 06 Writeup - rev1 Open the binary using IDA. It is 32bit executable. int __cdecl main(int argc, const char **argv, const char **envp){ v30 = fopen("data", "rb"); v29 = operator new[](0x3Cu); for ( i = 0; i <= 14; ++i ) *(_DWORD *)(4 * i + v29) = operator new[](0x1000u); for ( j... Mon, 06 Jan 2020 00:00:00 -0800 https://chokyuwon.github.io/2020-01-06-WhitehatGrandPrixQuel_2019_rev1/ https://chokyuwon.github.io/2020-01-06-WhitehatGrandPrixQuel_2019_rev1/ BambooFox CTF 2019 Writeup - Move or Not use IDA to decompile it. __int64 __fastcall main(__int64 a1, char **a2, char **a3) { int v4; // [rsp+8h] [rbp-38h] int i; // [rsp+Ch] [rbp-34h] char s2; // [rsp+10h] [rbp-30h] unsigned __int64 v7; // [rsp+38h] [rbp-8h] v7 = __readfsqword(0x28u); i = 0; printf("First give me your password: ",... Thu, 02 Jan 2020 00:00:00 -0800 https://chokyuwon.github.io/2020-01-02-BambooFoxCTF_2019_Move_or_Not/ https://chokyuwon.github.io/2020-01-02-BambooFoxCTF_2019_Move_or_Not/ Inferno CTF 2019 Writeup - In chrome developer tool, I can see it use WASM(WebAssembly.) The page’s script is like this: const wabtCompiler = WabtModule(); async function loadText(url) { let response = await fetch(url, {cache: "no-cache"}); let data = await response.text() return data; } methods: { async selectExample(example) { const wat = await Promise.all(loadText(example +... Tue, 31 Dec 2019 00:00:00 -0800 https://chokyuwon.github.io/2019-12-31-InfernoCTF_2019_reversing_Web_Crackme/ https://chokyuwon.github.io/2019-12-31-InfernoCTF_2019_reversing_Web_Crackme/ Inferno CTF 2019 Writeup - In zip file, it contain 3 file with smali extend. It can easily convert to java bytecode. In MainActivity$1.smali, I can find main logic of username and password. .line 70 const-string v1, "m&m" invoke-virtual {p1, v1}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z move-result p1 we can find username on this code. Analyze bytecode, password is... Tue, 31 Dec 2019 00:00:00 -0800 https://chokyuwon.github.io/2019-12-31-InfernoCTF_2019_reversing_Wannabe_Rapper/ https://chokyuwon.github.io/2019-12-31-InfernoCTF_2019_reversing_Wannabe_Rapper/ Inferno CTF 2019 Writeup - When I excute the file and attack debugger to it, I can find it was written by python. So I use python-exe-unpacker. There are so many package, but main logic is in emco file. emco has no signatue and extended, but I can simply read it by add signature on... Tue, 31 Dec 2019 00:00:00 -0800 https://chokyuwon.github.io/2019-12-31-InfernoCTF_2019_reversing_MrT4ntr4's_EmCo_App/ https://chokyuwon.github.io/2019-12-31-InfernoCTF_2019_reversing_MrT4ntr4's_EmCo_App/