この広告は、90日以上更新していないブログに表示しています。

2012-04-30

英語版 PlaidCTF Writeups

Writeups.... no, it's just a memo I solved.

Addition is Hard [15] (Puzzles)

Addition is hard!

0x0 +0x7068703f = ?

Answer in decimal

This was happened on old version of php.
The answer is 0x7068703f * 2 = 3771785342

KEY: 3771785342

Editors [100] (Pirating)

We recently gained access to a log of a robot operative interacting with computer. We are unsure what he was up to but we know it is of the upmost importance to figure it out.

I tried out from the logged file.
The last value of the editor default is "/usr/bin/teco" rewrited by emacs.
OB is downer and OC is righter cursor key code.
[3~ is delete key code.
The rewrited number of sudoers is 2. It was by emacs and ed.
The number of shells invoked is 6. The user's shell and *account user's* shell, root's shell and splitted 4 shells.
The status of the machine is off because /sbin/poweroff executed by the last command "./exec" made by "ln -s /sbin/poweroff exec".

KEY: 2/usr/bin/teco6off

3D [100] (Potpourri)

The robots appear to be testing some kind of new camera technology but we haven't quite figured it out yet. Understanding this imaging could be crucial to our understanding the enemy and winning the war.

http://ctf.plaidctf.com/media/files/3d-4e5132069964e0d61c0fbd9099dea498/edbd4701d0b9d2a33a743e96f7bc8f3b

This file contains some pictures. Extract them and watch. The key is easily found.

KEY: 3d_giv35_m3_a_h3adach3

Paste [100] (Practical Packets)

Robot hackers, like their human counter parts, have a largely unmet need to dump large amounts of text to their peers. We recently got access to one of their servers and are providing you with the files. What have they been talking about?

http://23.21.4.176/8f6998e93eb49429e35ff74b2719dc7e/

http://23.21.4.176/8f6998e93eb49429e35ff74b2719dc7e/source.zip

I checked the packet and found some funny cookies.
In "make_followup.php", the code related PASTE_ADMIN was found.
So edited my cookie all value "TRUE" and tried to followup with description "^^". Then 500 error was occured.
In "display_paste.php", I found the *require* code.
I made the php which open the dir and files and display them on my server.
I tried with discription "^^http://***/***" and found "key.php".

KEY: s0m3_php_d3v5_actua11y_d0_th15

ECE's Revenge II [500] (Potpourri)

Our aerial reconnaissance drones recently sighted these new robot prototypes but we cannot figure out how to turn them on (INSERT INAPPROPIATE JOKE). Can you help us solve the mystery and get their electrons flowing?

http://ec2-23-20-214-191.compute-1.amazonaws.com/8f05e96b3986c333240ab1ecf03a2bb2/

JUST ANALYZE THREE BOARDS....
Chips are
74LS86 XOR
74LS32 OR
74ALS04 INVERTER
74LS08 AND
etc....

Dipswitch: 101001** 00111*** 0100****
Congratulations! The key is: 1_pr3f3r_p0tat0_ch1p5

Torrents [200] (Practical Packets)

It turns out that robots, like humans, are cheap and do not like paying for their movies and music. We were able to intercept some torrent downloads but are unsure what the file being downloaded was. Can you figure it out?

The information of bittorrent protocol is available.
Decode the packet data and I got mp3 file.
At the bottom of it "key.txt" was found.

KEY: t0renz0_v0n_m4tt3rh0rn