Writeup Hology 3.0 CTF by Universitas Brawijaya
Use it well.
Wading through a forest full of mud. nc 188.8.131.52 31337
This is just a simple buffer overflow challenge. Here is my exploit for this challenge:
I feel a bit confused by the organizer, since they gave a libc that does not match the one the server has (they provided libc 2.31 but the server uses libc 2.27), and ASLR on the server is turned off; they didn't even give any announcement or hint about it. In this writeup, I will use a simple way to solve this challenge.
We had a hello function, which can help us get the flag. I only realized that the challenge doesn't have ASLR protection after the competition ended. Since there is no ASLR on the server, we can just use the static hello address that we got from local gdb, which is 0x55555555552d. This is my exploit to solve this challenge:
just xor the
Copy this to address bar... seems legit.
According to the description, I assume the flag is in the clipboard. Since we are given a memory dump image file, we can use volatility to get all the clipboard
First, we use volatility -f Redvelvet imageinfo to find the right image profile.
Win7SP1x86 as my profile, now we can use the command volatility -f Redvelvet --profile=Win7SP1x86 clipboard to dump the clipboard data.
We were given a pcapng file, and I found a PNG file signature on the
In order to extract the image, we have to sort from STOR x00 to STOR x13. To extract the file I made a simple Python script
Run it and pipe the output to get a PNG file, and we got a QR code.
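The reassembly step described above, as an added example (not the script from the original writeup): it joins the STOR payloads in file-name order and checks the result is a well-formed PNG by walking its chunks and CRCs. It assumes the payloads were already exported from the capture into a dict keyed by STOR name; the sample PNG and parts are constructed.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def reassemble(parts):
    """Join STOR payloads in file-name order (x00, x01, ...)."""
    # Fixed-width names sort correctly as strings, decimal or hex suffix alike.
    return b"".join(parts[name] for name in sorted(parts))

def png_chunks(data):
    """Return the chunk types of a well-formed PNG, else raise ValueError."""
    if not data.startswith(PNG_SIG):
        raise ValueError("missing PNG signature: wrong order or missing first part")
    pos, types = len(PNG_SIG), []
    while pos < len(data):
        header = data[pos:pos + 8]
        if len(header) < 8:
            raise ValueError(f"truncated chunk header at offset {pos}")
        length, ctype = struct.unpack(">I4s", header)
        body = data[pos + 8:pos + 8 + length]
        crc = data[pos + 8 + length:pos + 12 + length]
        # A CRC mismatch means a part is missing, duplicated or out of order.
        if len(crc) < 4 or zlib.crc32(ctype + body) != struct.unpack(">I", crc)[0]:
            raise ValueError(f"bad or truncated chunk at offset {pos}")
        types.append(ctype.decode("latin-1"))
        pos += 12 + length
    if not types or types[-1] != "IEND":
        raise ValueError("no IEND chunk: last part missing")
    return types

def _chunk(ctype, body):
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def sample_png():
    """Constructed 1x1 grayscale PNG standing in for the captured image."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return (PNG_SIG + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b""))

def sample_parts(size=8):
    """Constructed stand-in for the STOR payloads, keyed by file name."""
    png = sample_png()
    return {f"x{i:02d}": png[o:o + size] for i, o in enumerate(range(0, len(png), size))}

if __name__ == "__main__":
    shuffled = dict(reversed(list(sample_parts().items())))  # capture order != file order
    print(png_chunks(reassemble(shuffled)))
```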
After decoding the QR code I got a Google Drive link:
https://drive.google.com/file/d/1TLw77M52ctjKN5X0DXiHKD9b5fdHUJzh/view There is a video on the Google Drive.