staring into /dev/null

barrebas

Lord of the Root

I figured I’d try another VM from Vulnhub for a change. This is Lord of the Root v1.0.1.

Ekoparty - Cry100

We’re given a public key and a encrypted flag, with the task to get the private key. I’m not very good at crypto challenges so I wanted to see if I could break this one and learn something in the process.

Ekoparty - Pwn200

Where on earth shall we begin? This one kept us busy for quite some time. The challenge gives no binary, just an address to connect to. Upon connecting, we get some kind of echo server. We quickly noticed a string format vulnerability:

CAMP CTF - Secret_File

In this case, we’re asked to retrieve a secret file and given.. another binary. What did you expect? ;-)

CAMP CTF - Shell

shell was a pwnable from CAMP CTF. We’re given a 64-bit ELF binary, which shows the following when executed: