August | 2008 | WebstersProdigy

wargames reverseme

August 15, 2008 Leave a comment

Defcon 16 was a lot of fun. There were a lot of fun challenges, but my favorite was probably the wargames revereme in open capture the flag.

You can download the binary here. Be careful, it can erase you hd.

It is an elf binary, and it runs fine on Linux. I ran in a (snapshotted) vm to hopefully mitigate some of the nasty things it could do – which luckily it did. It is packed with upx, which i found with strings, so first thing i unpacked it with upx-ucl. From there, I backtraced it with IDA and found the correct path for the key (which is thermonuclear war -> US -> St. Petersberg run as root). It then prints out the key before erasing your hd (more specifically your boot sector), so I put a breakpoint at the end to stop this from happening.

Anyway, this is a fun challenge. good luck!

Filed under Reverse Engineering Tagged with ctf, defcon, reverseme, reversing

python anagram finder

August 13, 2008 Leave a comment

This is a silly little program that finds anagrams. Just hangin out practicing python-fu, and this was a challenge I found online.

#!/usr/bin/env python

"""
This is a word descrambler for each word in wordlist.

This may be terribly inefficient, but I only have 10 words
to unscramble, so it's fine

plus it only takes about .1 second per word on my am2 3000
"""

import sys

file = open("./wordlist")
dictionary = []
dictfile = open("/usr/share/dict/words")
for i in dictfile:
  i = i.strip()
  dictionary.append(i)

for scramword in file:
  scramword = scramword.strip()  
  numletters = len(scramword)
  for word in dictionary:
    #first check that lengths are =
    if len(word) == numletters:
      isword = True
      for letter in word:
        if letter not in scramword:
          isword = False
          break
      #by this time most words are gone but there
      #may still be some superfluous guys
      for letter in scramword:
        if letter not in word:
          isword = False
          break   
      if isword:
        print word

Filed under Misc Tagged with python

Twit

RT @mubix: Something I forgot to mention is that we are looking for global hires for our Red Team as well, senior and regular levels. Mubix… 2 days ago
RT @taviso: Interested in getting started on Windows Kernel security research? blog.cmpxchg8b.com/2013/05/introd… 3 days ago
RT @tombkeeper: A true story: one of my buddies downloaded a porn, when he tried to watch it the player got crashed, and then he found a vu… 6 days ago
@homakov but yeah you're right, you need to log the user out of FB first (or if he doesn't have an FB account) 1 week ago
@homakov There are a couple ways you can force people to log out. Maybe in another post I'll talk about it. 1 week ago
RT @sctan: In web security, no mitigation's too simple when dealing with millions of users. 1 week ago
RT @homakov: It feels like i got to write a post about HOW SERIOUS CSRF in FB login is. FB refused to fix! O_o (Read the update) http://t.c… 1 week ago

Follow @webstersprodigy

WebstersProdigy

wargames reverseme

python anagram finder

Categories

Stuff

Recent Posts

Tags

Twit

Follow “WebstersProdigy”