In the last part we’ve found heap buffer overflows in the structure holding victim information and a stack buffer overflow when receiving the name of the file that’s been encrypted. Now we’re going to find what possibilities they can offer us and use them to craft an exploit.
In this part we’re going to suppose that we’ve managed to obtain a copy of the Tupper C&C server binary. Our goal is to reverse engineer it and summarize the overall operating process of Tupper.
In the last part we have seen that Tupper encrypts “.txt” files using RSA and “.pdf” files using XOR and a custom key schedule. In this part we will write decryption scripts to recover encrypted files because Tupper doesn’t provide any decryption function.
Today we will reverse-engineer a simple “ransomware” made specifically for this purpose. Let’s give it the name Tupper. Tupper is not really ransomware because it doesn’t ask for a ransom, it only attacks a specific location on the filesystem, and I unintentionally forgot another important feature of ransomware; try to find it. 🙂
Before diving right into more advanced attacks, let’s take a minute to do a quick recap because it’s been a long time since the last part. Once your mind is warmed up you can safely move on.
On the program today you have:
- Small public exponent
- Hastad broadcast attack
- Fermat’s attack
- Wiener’s attack
Spoiler: There will be Maths 😉
RSA is my favorite cryptosystem. 🙂 It’s simple and powerful.
In this series I will try to go through every attack (that I’m aware of) against RSA that is useful for solving CTF tasks.
I’m not going to give you scripts that will do all the work for you but rather explain how the attacks work. The aim of this series is to understand the attacks you use and which one is most appropriate depending on the task. I will try to be beginner friendly and repeat myself in the beginning but afterwards I will assume that the reader has learnt the concepts.
EasyCTF is one of the largest student-run high school cybersecurity events.
It took place from Fri. 10/02/2018 until Sun. 20/02/2018. 1790 teams competed in the event.
The Hackim 2018 CTF took place from Fri. 09/02/2018, 23:00 until Sun. 11/02/2018, 11:00. Over 1800 people took part in the event but only the top 40 were eligible to win a free conference pass for Nullcon Goa 2018.
Welcome to my blog!
As a first post I think I should explain the reasons why I decided to make a blog, what I will be posting about and how frequently, so let’s do that quickly!