Understanding Integer Overflows - CrikeyCon 2017, Impossible Math Writeup

Mar 8, 2017
Category: Coding Points: 400 Solves: 7 Description: ctf.crikeycon.com:43981 Enumeration Before doing anything else on the host since we were provided with an unual port and address I attempted to ncat to it, receiving the following: Identifying the core problem Since the math is impossible there’s likely a trick here. With that in mind I figure we need to overload an operator (integer overflow) and try passing a large number as input:
read more

CrikeyCon 2017 - Fast Math Writeup

Mar 8, 2017
Category: Coding Points: 300 Solves: 14 Description: crikeyconctf.dook.biz:23776 Enumeration Before doing anything else on this host I attempted to connect to it, receiving the following: The time between being presented with the challenge and receiving a timeout was a mere two seconds. Although handy with a calculator this wouldn’t be possible without a script/bot. I also noted that the response and timing to answer didn’t change on a second connection, but the base operator did.
read more