๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ

dreamhack19

[Dreamhack] littlevsbig Write Up โš ๏ธ littlevsbig Write Up 1. ๋ฌธ์ œ ํ™•์ธ ํ›„ ํŒŒ์ผ ๋‹ค์šด๋กœ๋“œ 2. ๋ฌธ์ œ ํŒŒ์ผ ์† chall.c ์˜คํ”ˆ ํ›„ ์ฝ”๋“œ ๋ถ„์„ --> FLAG ์ถœ๋ ฅ ์กฐ๊ฑด ๋ฐœ๊ฒฌ // Name: chall.c // Compile Option: gcc chall.c -o chall -fno-stack-protector #include #include #include #include #include #include #define FLAG_SIZE 0x45 void alarm_handler() { ใ…คใ…คputs("TIME OUT"); ใ…คใ…คexit(-1); } void initialize() { ใ…คใ…คsetvbuf(stdin, NULL, _IONBF, 0); ใ…คใ…คsetvbuf(stdout, NULL, _IONBF, 0); ใ…คใ…คsi.. 2023. 11. 28.
[Dreamhack] dreamhack-tools-cyberchef Write Up ๐ŸŒš dreamhack-tools-cyberchef Write Up 1. ๋ฌธ์ œ ์„ค๋ช… ํ™•์ธ ํ›„ ํŒŒ์ผ ๋‹ค์šด๋กœ๋“œ 2. ๋‹ค์šด๋ฐ›์€ ํŒŒ์ผ ์† index.html ์œผ๋กœ ์ ‘์† --> ์•”ํ˜ธ๋ฌธ๊ณผ ์•”ํ˜ธํ™” ์ˆœ์„œ ๋ฐœ๊ฒฌ # ์•”ํ˜ธํ™” ์ˆœ์„œ : Rail Fence → Base64 → ROT13 # ๋ณตํ˜ธํ™” ์ˆœ์„œ : ROT13 → Base64 → Rail Fence 3. ๋ฌธ์ œ์— ๋ช…์‹œ๋œ Cyberchef ์œผ๋กœ ์ ‘์† ++ Dreamhack Cyberchef --> https://tools.dreamhack.games/cyberchef dreamhack-tools tools.dreamhack.games 4. ๋ณตํ˜ธํ™” ์ˆœ์„œ์— ๋”ฐ๋ผ ์•”ํ˜ธ๋ฌธ ์ฐจ๋ก€๋กœ ๋ณตํ˜ธํ™” --> FLAG ๋ฐœ๊ฒฌ # Input : EUg5MJAyYJ9fYJ5iMKqio29iVK1VL2Wl.. 2023. 11. 27.
[Dreamhack CTF Season 3] ROT128 Write Up ๐Ÿชฎ ROT128 Write Up 1. ๋ฌธ์ œ ์„ค๋ช… ํ™•์ธ ํ›„ ํŒŒ์ผ ๋‹ค์šด๋กœ๋“œ 2. ๋‹ค์šด๋ฐ›์€ rot128.py ํŒŒ์ผ ์˜คํ”ˆ ํ›„ ์ฝ”๋“œ ๋ถ„์„ โ‘  hex_list ์ดˆ๊ธฐํ™” hex_list = [(hex(i)[2:].zfill(2).upper()) for i in range(256)] ์ฝ”๋“œ ์„ค๋ช… range(256) 0๋ถ€ํ„ฐ 255๊นŒ์ง€์˜ ์ˆซ์ž ์ƒ์„ฑ hex(i) ์ •์ˆ˜ i๋ฅผ 16์ง„์ˆ˜ ๋ฌธ์ž์—ด๋กœ ๋ณ€ํ™˜ [2:] '0x' ์ œ๊ฑฐ ๋‚˜๋จธ์ง€ ๋ถ€๋ถ„์„ ๊ฐ€์ ธ์˜ด zfill(2) ๋ฌธ์ž์—ด์˜ ๊ธธ์ด๋ฅผ 2๋กœ ์„ค์ • upper() ํ•ด๋‹น ๋‚ด์šฉ ๋Œ€๋ฌธ์ž๋กœ ๋ณ€ํ™˜ โ‘ก ์›๋ณธ flag.png ํŒŒ์ผ ์ฝ๊ธฐ with open('flag.png', 'rb') as f: ใ…คใ…คplain_s = f.read() ++ flag.png ํŒŒ์ผ์„ ์ด์ง„ ๋ชจ๋“œ('rb': read binary)๋กœ .. 2023. 11. 26.
[Dreamhack] Exercise: Welcome-Beginners ๋“œ๋ฆผํ•ต ์›Œ๊ฒŒ์ž„ ๋ฌธ์ œ ํ’€์ด ๐Ÿšบ Exercise: Welcome-Beginners ๋“œ๋ฆผํ•ต ์›Œ๊ฒŒ์ž„ ๋ฌธ์ œ ํ’€์ด 1. ๋ฌธ์ œ ์„ค๋ช… ํ™•์ธ ํ›„ ์„œ๋ฒ„ ์ƒ์„ฑ 2. ์ƒ์„ฑํ•œ ์„œ๋ฒ„๋กœ ์ ‘์†ํ•˜๊ธฐ ์ „, ๋ฌธ์ œ ํŒŒ์ผ ๋‹ค์šด๋กœ๋“œ ํ›„ ์˜คํ”ˆ 3. ์‚ฌ์šฉ์ž๋กœ๋ถ€ํ„ฐ ์ž…๋ ฅ๋ฐ›์€ ๊ฐ’์ด "Dreamhack" ์ธ ๊ฒฝ์šฐ FLAG๋ฅผ ์ถœ๋ ฅํ•˜๋Š” ๋ถ€๋ถ„ ๋ฐœ๊ฒฌ char cmp_str[10] = "Dreamhack"; char inp_str[10]; printf("Enter \"Dreamhack\" : "); scanf("%9s", inp_str); if(strcmp(cmp_str, inp_str) == 0){ ใ…คใ…คputs("Welcome Beginners!"); ใ…คใ…ค// print flag ใ…คใ…คputs(flag); } 4. Ubuntu ๊ฐ€์ƒํ™˜๊ฒฝ์—์„œ nc ๋ช…๋ น์–ด๋ฅผ ํ†ตํ•ด ์„œ๋ฒ„ ์ ‘์† --> "Drea.. 2023. 11. 25.
[Dreamhack] ex-reg-ex ๋“œ๋ฆผํ•ต ์›Œ๊ฒŒ์ž„ ๋ฌธ์ œ ํ’€์ด ๐Ÿคธ‍โ™€๏ธ ex-reg-ex ๋“œ๋ฆผํ•ต ์›Œ๊ฒŒ์ž„ ๋ฌธ์ œ ํ’€์ด 1. ๋ฌธ์ œ ์„ค๋ช… ํ™•์ธ ํ›„ ์„œ๋ฒ„ ์ƒ์„ฑ 2. ์ƒ์„ฑํ•œ ์„œ๋ฒ„๋กœ ์ ‘์†ํ•œ ๋’ค ์ž„์˜์˜ ๊ฐ’ ์ž…๋ ฅ --> Input ๊ฐ’์ด ๊ทธ๋Œ€๋กœ ์ถœ๋ ฅ๋จ์„ ํ™•์ธ 3. ๋ฌธ์ œ ํŒŒ์ผ ๋‹ค์šด๋กœ๋“œ ํ›„ app.py ์˜คํ”ˆ #!/usr/bin/python3 from flask import Flask, request, render_template import re app = Flask(__name__) try: ใ…คใ…คFLAG = open("./flag.txt", "r").read() # flag is here! except: ใ…คใ…คFLAG = "[**FLAG**]" @app.route("/", methods = ["GET", "POST"]) def index(): ใ…คใ…คinput_val = "" ใ…คใ…คif re.. 2023. 11. 24.
[Dreamhack] baby-linux ๋“œ๋ฆผํ•ต ์›Œ๊ฒŒ์ž„ ๋ฌธ์ œ ํ’€์ด ๐Ÿคฑ baby-linux ๋“œ๋ฆผํ•ต ์›Œ๊ฒŒ์ž„ ๋ฌธ์ œ ํ’€์ด 1. ๋ฌธ์ œ ์„ค๋ช… ํ™•์ธ ํ›„ ์„œ๋ฒ„ ์ƒ์„ฑ 2. ์ƒ์„ฑํ•œ ์„œ๋ฒ„๋กœ ์ ‘์† --> ls ๋ช…๋ น์–ด๋ฅผ ์ž…๋ ฅํ•˜์—ฌ ํ˜„์กดํ•˜๋Š” ํŒŒ์ผ ๋ชฉ๋ก ์ถœ๋ ฅ 3. cat ๋ช…๋ น์–ด๋ฅผ ํ†ตํ•ด requirements.txt ํŒŒ์ผ ์˜คํ”ˆ --> ๋ณ„๋‹ค๋ฅธ ํžŒํŠธ๋ฅผ ๋ฐœ๊ฒฌํ•˜์ง€ ๋ชปํ•จ 4. cat ๋ช…๋ น์–ด๋ฅผ ํ†ตํ•ด hint.txt ํŒŒ์ผ ์˜คํ”ˆ --> FLAG์˜ ๊ฒฝ๋กœ ๋ฐœ๊ฒฌ 5. ๋‹ค์‹œ cat ๋ช…๋ น์–ด๋ฅผ ์ด์šฉํ•ด hello ํŒŒ์ผ์— ์ ‘๊ทผ ์‹œ๋„ --> No! ๋ฌธ์ž์—ด๊ณผ ํ•จ๊ป˜ ์ ‘๊ทผ ๊ฑฐ๋ถ€ echo $(cat ./dream/hack/hello/flag.txt) 6. app.py ํŒŒ์ผ์„ ์—ด์–ด ์†Œ์Šค์ฝ”๋“œ ํ™•์ธ 7. app.py ์ฝ”๋“œ ํ™•์ธ --> Line 13์—์„œ 'flag' ์šฉ์–ด ํ•„ํ„ฐ๋ง ์š”์†Œ ๋ฐœ๊ฒฌ #!/usr/bin/env python3 import .. 2023. 11. 23.

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”