Our new domain is now disekt.org. Dot TK decided to take our free domain and sell it as a premium domain.
Given a binary that waits for user input when run:
$ /levels/level0 A Try harder -.-' $
Given a binary that takes one argument
$ /levels/level1/level1 Segmentation fault (core dumped) $ /levels/level1/level1 disekt you entred : disekt
Given a binary file.
bash-4.1$ /levels/level2/level2 Please wait, generating random SALT Random Salt : 28253132 Please wait, generating Secret Key part 2 ...
Given a binary that takes two arguments.
$ ./level3 useage : Decrypt <string> <key_filename>
Given a binary that takes one argument
$ ./level4 useage : copy_keyfile <Reason>
AED decided to use C++ to develop their internal tools. However, they seem to make a mistake one of their new C++ programs. Exploit and get the key! ssh username@a5.amalgamated.biz
AED's summer internship program is notorious for attracting terrible programmers. They've resorted to giving them some of the simplest projects to work on. We expect this service that the latest 'All-Star' intern worked on all summer is no where near secure. nc a9.amalgamated.biz 60124
This challenge was surprisingly simple. We were given an android .apk file. After converting the apk to a jar using dex2jar, we opening the jar with java decompiler JD. We immediately came across the following chunk of code.
ArrayList localArrayList = paramIntent.getStringArrayListExtra("android.speech.extra.RESULTS"); if ((!localArrayList.isEmpty()) && (a.b((String)localArrayList.get(0)))) { TextView localTextView = this.b; String str = a.a((String)localArrayList.get(0)); localTextView.setText(str); }
"Python source code is very clear and concise, and could sometimes bring out lots of clues. This is particularly true for this challenge."
This challenge proved to be rather interesting because it validated our incessant desire to run a brute force while we look for other solutions.
The python code is very clean, but after a while the inheritance duplicity in the classes and quantity of the code becomes rather dizzying. After reading through all the code, it can really be distilled down to the following important sections:
1. (server side) network.py
© 2010-2011 disekt - Hosted by inetric. Drupal theme by Kiwi Themes.