Monday, October 01, 2012

CSAW 2012 Quals - writeup collection

Trivia


http://eindbazen.net/2012/09/csaw-2012-trivia/http://the-ctf-guy.blogspot.in/2012/10/csaw-2012-trivia-challenges.html


Recon 


Web 

c4ca4238a0b923820dcc509a6f75849b - 100 Points
http://128.238.66.216/c4ca4238a0b923820dcc509a6f75849b/
Lara Anderton needs to break into PreCrime to free her husband, but they just installed a fancy new security system. Help her break into it!
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-100/

c81e728d9d4c2f636f067f89cc14862c - 200 Points
http://128.238.66.216/c81e728d9d4c2f636f067f89cc14862c/
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-200/

217 - 300 Points
http://128.238.66.217/
This is a website belonging to a horse-fighting gang. Even with an account, it's not clear what they're up to. Your task is to get administrator access and see if you can figure anything out. Your account is csaw_challenger/letmein123.
Solutions:
http://isisblogs.poly.edu/2012/09/30/csaw-ctf-horseforce-writeup/

CryptoMat - 400 Points
http://128.238.66.214/
CryptoMat is a site where you can send encrypted messages to other users. Dog is a user on the site and has the key. Figure out how to get into his account and obtain it.
Solutions:
http://blog.lse.epita.fr/articles/29-csaw-ctf-2012-web-400-writeup.html

Noderper - 500 Points
Derpsoft
Hello, QA personnel! As you know, we here at Noderpsoft are desperately trying to put the finishing touches on our Noderper web UI, and although we're super mega confident in the awesomness of our Web 12.0-centric strategy, we had some security consultant jerk tell us that our diagnostic interface was a Pastebin in the making.What a load of baloney! There isn't anything wrong with it, but just to satisfy the derpiest of derps, we thought we'd let you all prove us RIGHT! What better way to check the status of your system than with common Lunix commands, and even offer an awesome Web 2.5-3.0 (depending on who we're marketing to that day) friendly extensible interface?!?!??!?!?!?!?!??!?!?!
We hope you like Noderper as much as we do, and find zero bugs or mythical, so-called security vulnerabilities in it. Otherwise, you're fired.
Sincerely, and with all the hopes for the most ludicrous of V.C. money,
Roberto J. Quinetana
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-500/
http://blog.lse.epita.fr/articles/27-csaw-ctf-2012-web-500-writeup.html
https://github.com/quine/csaw2012/tree/master/noderp
eccbc87e4b5ce2fe28308fd9f2a7baf3 - 600 Points
http://128.238.66.216/eccbc87e4b5ce2fe28308fd9f2a7baf3/
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-600/

Reversing

csaw2012reversing.exe - 100 Points
csaw2012reversing.exe
csaw2012reversing.pdb

Solutions:


CSAWQualificationEasy.exe - 200 Points
CSAWQualificationEasy.exe
Solutions:
CSAWQualification.exe - 300 Points
CSAWQualification.exe
Solutions:
csaw2012reversing - 400 Points
csaw2012reversing
Solutions:
8086100f.mrom - 500 Points
8086100f.mrom
8086100f.mrom.tmp

Exploitation

54321 - 200 Points
nc 128.238.66.218 54321
exploitation1-release
Read the key out of ./key in the current working directory.
Solutions :
http://xelenonz.blogspot.in/2012/10/csaw-ctf-exploit200-write-up.html
http://ppp.cylab.cmu.edu/wordpress/?p=954

4842 - 300 Points
nc 128.238.66.218 4842
Read the key out of ./key in the current working directory.
This binary has been changed to update the server.
Solutions :
http://eindbazen.net/2012/09/csaw-2012-exploitation-300/
http://ppp.cylab.cmu.edu/wordpress/?p=968

23456 - 400 Points
nc 128.238.66.213 23456
Read the key out of ./key in the current working directory.
Solutions :
http://ppp.cylab.cmu.edu/wordpress/?p=985

12345 - 500 Points

nc 128.238.66.213 12345
Read the key out of ./key in the current working directory
Solutions :
http://ppp.cylab.cmu.edu/wordpress/?p=1015
http://blog.lse.epita.fr/articles/31-csaw-ctf-2012-exploitation-200300400500-writeups.html

Forensics

version1.png - 200 Points

version1.png

Solutions :
version2.png - 200 Points
version2.png
core - 500 Points
core

Networking

telnet.pcap - 100 Points
telnet.pcap

lemieux.pcap - 200 Points
lemieux.pcap
Some dude I know is planning a party at some bar in New York! I really want to go but he's really strict about who gets let in to the party. I managed to find this packet capture of when the dude registered the party but I don't know what else to do. Do you think there's any way you can find out the secret password to get into the party for me? By the way, my favorite hockey player ever is mario lemieux.
dongle.pcap - 300 Points
dongle.pcap
timewave-zero.pcap - 400 Points
timewave-zero.pcap
According to Terence McKenna, the universe has a teleological attractor at the end of time that increases interconnecte dness, eventually reaching a singularity of infinite complexity in 2012, at which point anything and everything imaginable will occur simultaneously. He conceived this idea over several years in the early to mid-1970s while using psilocybin mushrooms and DMT.
Once you get the key, truncate it to 128 characters.
Solutions:
http://blog.lse.epita.fr/articles/30-csaw-ctf-2012-timewave-zeropcap-net400.html

2 comments:

Nikita Arykov said...
This comment has been removed by the author.
Nikita Arykov said...
This comment has been removed by the author.