tl;dr

• Decoding the strings found in TCP stream 0.
• Analysing and extracting data sent via different ports of TCP.
• Using character-wise caesar from the extracted data.
• Zip cracking

Intended solution of PRetty stroNG challenge from InCTF Internationals 2019

tl;dr

• Recover sample outputs from PRNG
• reverse wrapper function
• find seed from outputs
• get the flag

Intended solution of Wannavmbe challenge from InCTF Internationals 2019

tl;dr

• Challenge is a VM.
• Reverse Instruction types and implementation.
• Understand that it has a fucntion which takes the base64 of CWD (Current working directory).
• Find the corrcect directory where it needs to be placed.

Intended solution of waRSAw challenge from InCTF Internationals 2019

tl;dr variant of LSB Oracle Attack on unpadded RSA

tl;dr

• Chrome history analysis
• File recovery from the memory dump
• Raw analysis of email content
• Environment variables analysis
• RAR password cracking
• Corrupted file analysis

tl;dr

• Master File Table Analysis
• Deleted file data recovery

tl;dr

1. Analysis of memory dump using Volatility framework.
2. Using mac_contacts plugin to get relevant data.
3. Base64 decode to get flag.

Solved by: stuxn3t

tl;dr

• Exploit code for a vulnerability in Firefox, found by saelo and coinbase security.
• IonMonkey does not check for indexed elements on the current element’s prototypes, and only checks on ArrayPrototype. This leads to type-confusion after inlining Array.pop.
• We confuse a Uint32Array and a Uint8Array to get a overflow in an ArrayBuffer and proceed to convert this to arbitrary read-write and execute shellcode.

tl;dr

This post will describe how I exploited CVE-2019-14378, which is a pointer miscalculation in network backend of QEMU. The bug is triggered when large IPv4 fragmented packets are reassembled for processing. It was found by code auditing.

tl;dr

• Challenge is a VM implemented over signals and ptrace
• Reverse Instruction types and implementation
• Use gdb scripting to find the executed code and get the pseudo VM code
• Find out the algorithm (Max triangle sum) from VM instructions
• Find an more optimized way to solve the problem (Or lazy solve it!).