-
Notifications
You must be signed in to change notification settings - Fork 0
/
node.html
379 lines (352 loc) · 32 KB
/
node.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="ie6 ie" lang="en" dir="ltr"> <![endif]-->
<!--[if IE 7]> <html class="ie7 ie" lang="en" dir="ltr"> <![endif]-->
<!--[if IE 8]> <html class="ie8 ie" lang="en" dir="ltr"> <![endif]-->
<!--[if IE 9]> <html class="ie9 ie" lang="en" dir="ltr"> <![endif]-->
<!--[if !IE]> --> <html lang="en" dir="ltr"> <!-- <![endif]-->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="shortcut icon" href="sites/all/themes/open_framework/favicon.ico" type="image/vnd.microsoft.icon" />
<meta name="Generator" content="Drupal 7 (http://drupal.org)" />
<link rel="alternate" type="application/rss+xml" title="BalalaikaCr3w RSS" href="rss.xml" />
<!-- Set the viewport width to device width for mobile -->
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>BalalaikaCr3w | Russian CTF team</title>
<style type="text/css" media="all">
@import url("https://ctfcrew.org/modules/system/system.base.css?qtecp0");
@import url("https://ctfcrew.org/modules/system/system.menus.css?qtecp0");
@import url("https://ctfcrew.org/modules/system/system.messages.css?qtecp0");
@import url("https://ctfcrew.org/modules/system/system.theme.css?qtecp0");
</style>
<style type="text/css" media="all">
@import url("https://ctfcrew.org/modules/comment/comment.css?qtecp0");
@import url("https://ctfcrew.org/modules/field/theme/field.css?qtecp0");
@import url("https://ctfcrew.org/modules/node/node.css?qtecp0");
@import url("https://ctfcrew.org/modules/search/search.css?qtecp0");
@import url("https://ctfcrew.org/modules/user/user.css?qtecp0");
@import url("sites/all/modules/views/css/views.css%3Fqtecp0.css");
@import url("sites/all/modules/ckeditor/css/ckeditor.css%3Fqtecp0.css");
</style>
<style type="text/css" media="all">
@import url("sites/all/modules/ctools/css/ctools.css%3Fqtecp0.css");
@import url("sites/all/libraries/syntaxhighlighter_3.0.83/styles/shCore.css%3Fqtecp0.css");
@import url("sites/all/libraries/syntaxhighlighter_3.0.83/styles/shThemeDefault.css%3Fqtecp0.css");
</style>
<style type="text/css" media="all">
@import url("sites/all/themes/open_framework/bootstrap/css/bootstrap.min.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/bootstrap/css/bootstrap-responsive.min.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/css/open_framework.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/css/ie.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/jquery.minicolors/jquery.minicolors.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/css/jquery.themizer.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/css/universal.css%3Fqtecp0.css");
@import url("sites/all/themes/open_framework/font-awesome-4.0.3/css/font-awesome.min.css%3Fqtecp0.css");
</style>
<style type="text/css" media="print">
@import url("sites/all/themes/open_framework/css/open_framework_print.css%3Fqtecp0.css");
</style>
<script type="text/javascript" src="sites/all/modules/jquery_update/replace/jquery/1.8/jquery.min.js%3Fv=1.8.3"></script>
<script type="text/javascript" src="https://ctfcrew.org/misc/jquery.once.js?v=1.2"></script>
<script type="text/javascript" src="https://ctfcrew.org/misc/drupal.js?qtecp0"></script>
<script type="text/javascript" src="sites/all/libraries/syntaxhighlighter_3.0.83/scripts/shCore.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/libraries/syntaxhighlighter_3.0.83/scripts/shAutoloader.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/default/files/syntaxhighlighter.autoloader.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/themes/open_framework/bootstrap/js/bootstrap.min.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/themes/open_framework/js/open_framework.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/themes/open_framework/js/override.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/themes/open_framework/jquery.minicolors/jquery.minicolors.min.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/themes/open_framework/js/jquery.themizer.js%3Fqtecp0"></script>
<script type="text/javascript" src="sites/all/themes/open_framework/js/universal.js%3Fqtecp0"></script>
<script type="text/javascript">
<!--//--><![CDATA[//><!--
jQuery.extend(Drupal.settings, {"basePath":"\/","pathPrefix":"","ajaxPageState":{"theme":"open_framework","theme_token":"bOoXF5_ZKGS779_bzZuYqSmd_l24yM60j1ne6xjKLJ0","js":{"sites\/all\/modules\/syntaxhighlighter\/syntaxhighlighter.min.js":1,"sites\/all\/modules\/jquery_update\/replace\/jquery\/1.8\/jquery.min.js":1,"misc\/jquery.once.js":1,"misc\/drupal.js":1,"sites\/all\/libraries\/syntaxhighlighter_3.0.83\/scripts\/shCore.js":1,"sites\/all\/libraries\/syntaxhighlighter_3.0.83\/scripts\/shAutoloader.js":1,"sites\/default\/files\/syntaxhighlighter.autoloader.js":1,"sites\/all\/themes\/open_framework\/bootstrap\/js\/bootstrap.min.js":1,"sites\/all\/themes\/open_framework\/js\/open_framework.js":1,"sites\/all\/themes\/open_framework\/js\/override.js":1,"sites\/all\/themes\/open_framework\/jquery.minicolors\/jquery.minicolors.min.js":1,"sites\/all\/themes\/open_framework\/js\/jquery.themizer.js":1,"sites\/all\/themes\/open_framework\/js\/universal.js":1},"css":{"modules\/system\/system.base.css":1,"modules\/system\/system.menus.css":1,"modules\/system\/system.messages.css":1,"modules\/system\/system.theme.css":1,"modules\/comment\/comment.css":1,"modules\/field\/theme\/field.css":1,"modules\/node\/node.css":1,"modules\/search\/search.css":1,"modules\/user\/user.css":1,"sites\/all\/modules\/views\/css\/views.css":1,"sites\/all\/modules\/ckeditor\/css\/ckeditor.css":1,"sites\/all\/modules\/ctools\/css\/ctools.css":1,"sites\/all\/libraries\/syntaxhighlighter_3.0.83\/styles\/shCore.css":1,"sites\/all\/libraries\/syntaxhighlighter_3.0.83\/styles\/shThemeDefault.css":1,"sites\/all\/themes\/open_framework\/bootstrap\/css\/bootstrap.min.css":1,"sites\/all\/themes\/open_framework\/bootstrap\/css\/bootstrap-responsive.min.css":1,"sites\/all\/themes\/open_framework\/fontawesome\/css\/font-awesome.min.css":1,"sites\/all\/themes\/open_framework\/css\/open_framework.css":1,"sites\/all\/themes\/open_framework\/css\/ie.css":1,"sites\/all\/themes\/open_framework\/jquery.minicolors\/jquery.minicolors.css":1,"sites\/all\/themes\/open_framework\/css\/jquery.themizer.css":1,"sites\/all\/themes\/open_framework\/css\/universal.css":1,"sites\/all\/themes\/open_framework\/font-awesome-4.0.3\/css\/font-awesome.min.css":1,"sites\/all\/themes\/open_framework\/css\/open_framework_print.css":1}},"syntaxhighlighter":{"useAutoloader":true}});
//--><!]]>
</script>
<!--[if IE 7]>
<link rel="stylesheet" href="/sites/all/themes/open_framework/fontawesome/css/font-awesome-ie7.min.css">
<![endif]-->
<!-- IE Fix for HTML5 Tags -->
<!--[if lt IE 9]>
<script src="/sites/all/themes/open_framework/js/html5shiv.js"></script>
<![endif]-->
<style type="text/css" media="all">@import url("sites/all/themes/open_framework/css/front.css");</style>
<script type="text/javascript" src="sites/all/themes/open_framework/js/front.js"></script>
</head>
<body class="main-body html front not-logged-in one-sidebar sidebar-second page-node content-first " >
<a href="node.html#content" class="element-invisible element-focusable">Skip to content</a>
<a href="node.html#main-nav" class="element-invisible element-focusable" data-target=".nav-collapse" data-toggle="collapse">Skip to navigation</a>
<!-- /#skipnav -->
<!-- /#admin-shortcuts -->
<div id="header" class="clearfix header" role="banner">
<div class="container">
<div class="row">
<div class="span12">
<div id="logo" class="site-logo"> <a href="index.html" title="Home" rel="home"> <img src="sites/default/files/logo.png" alt="BalalaikaCr3w" role="presentation" /> </a></div>
<!-- /#logo -->
<div id="name-and-slogan">
<div id="site-name" class="site-name"><a href="index.html" title="Home" rel="home">BalalaikaCr3w</a></div>
<div id="site-slogan" class="site-slogan">Russian CTF team</div>
</div>
<!-- /#name-and-slogan -->
</div>
</div>
<div class="social">
<a href="http://twitter.com/BalalaikaCr3w" class="social-item twitter">
<i class="fa fa-twitter"></i>
</a>
</div>
</div>
</div>
<!-- /#header --><div id="main" class="clearfix main" role="main">
<div class="container">
<div id="main-content" class="row main-content">
<div id="content" class="mc-content span9">
<div class="color-pane bg-0D"></div>
<div id="content-wrapper" class="content-wrapper">
<div id="content-head" class="row-fluid content-head">
</div>
<div id="content-body" class="row-fluid content-body"> <div class="region region-content clearfix">
<div id="block-system-main" class="clearfix block block-system"> <div class="content"> <article id="node-104" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">23</span>
<span class="month">Jan</span>
</div>
<a href="node.html#node-104" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/104.html">Isomni'hack 2017 teaser mindreader writeup</a></h2>
<div class="submitted">
23.01.2017 16:46, by <i class="fa fa-user"></i><span class="username">russtone</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/mobile.html">mobile</a></div><div class="field-item odd"><a href="categories/web.html">web</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/38.html">Isomni'hack teaser 2017</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p> </p>
<p><em>Machines infected lots of Android smartphones and try to collect information on human behaviour... Have a look to their application and try to steal information on them.</em></p>
<p>So we have an android application file. Let's decompile its code!</p>
<p>First, we need to translate Dalvik bytecode to equivalent Java bytecode. I used <a href="https://github.com/google/enjarify">enjarify</a> for this:</p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/104.html" rel="tag" title="Isomni'hack 2017 teaser mindreader writeup">Read more<span class="element-invisible"> about Isomni'hack 2017 teaser mindreader writeup</span></a></li>
</ul> </div>
</article>
<article id="node-101" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">08</span>
<span class="month">May</span>
</div>
<a href="node.html#node-101" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/101.html">Web2 writeup</a></h2>
<div class="submitted">
08.05.2015 20:41, by <i class="fa fa-user"></i><span class="username">the_storm</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/web.html">web</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/34.html">Volga CTF 2015 Quals</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>This is the Web2 problem</p><p>The challenge simply states "Find the key!" and it gives us the challenge URL.<br />The first thing I usually do with a web challenge is to run dirbuster, spider the target and check the it with Nmap. </p><p>Checking with Nmap didn't result in anything interesting. However dirbuster did. I found two interesting folders.<br />The first one is "SecretAdminPanel" and the second one was "logs"</p><p>I visited "SecretAdminPanel" and I saw this.</p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/101.html" rel="tag" title="Web2 writeup">Read more<span class="element-invisible"> about Web2 writeup</span></a></li>
</ul> </div>
</article>
<article id="node-99" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">24</span>
<span class="month">Mar</span>
</div>
<a href="node.html#node-99" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/99.html">Infosec mini ctf writeup </a></h2>
<div class="submitted">
24.03.2015 02:09, by <i class="fa fa-user"></i><span class="username">the_storm</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/web.html">web</a></div><div class="field-item odd"><a href="categories/stego.html">stego</a></div><div class="field-item even"><a href="categories/forensics.html">forensics</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/33.html">Infosec Institute CTF</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><div class="page" title="Page 3"><div class="layoutArea"><div class="column"><p><span style="font-size: 24.000000pt; font-family: 'Helvetica'; font-weight: bold; color: rgb(17.254900%, 43.529410%, 58.431380%);"><span style="color: #333333; font-size: 16px; font-weight: normal;">This is the InfoSec CTF writeup.</span></span></p></div></div></div></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/99.html" rel="tag" title="Infosec mini ctf writeup ">Read more<span class="element-invisible"> about Infosec mini ctf writeup </span></a></li>
</ul> </div>
</article>
<article id="node-98" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">04</span>
<span class="month">Mar</span>
</div>
<a href="node.html#node-98" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/98.html">Wood Island (Crypto - 150)</a></h2>
<div class="submitted">
04.03.2015 11:58, by <i class="fa fa-user"></i><span class="username">Triff</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/crypto.html">crypto</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/32.html">Boston Key Party 2015</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p><strong>Task:</strong></p><p>You can try to sign messages and send them to the server, 52.0.217.48 port 60231. Sign the right message and you\'ll get the flag! Only problem---you don\'t have the signing key. I will give you this, though: sigs.txt is a file containing a bunch of signatures. I hope it helps. (P.S. Don\'t try and send the exact signatures in that file---that\'s cheating!)</p><p>Given archieve attached below.</p><p><strong>Solution:</strong></p><p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/98.html" rel="tag" title="Wood Island (Crypto - 150)">Read more<span class="element-invisible"> about Wood Island (Crypto - 150)</span></a></li>
</ul> </div>
</article>
<article id="node-97" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">02</span>
<span class="month">Mar</span>
</div>
<a href="node.html#node-97" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/97.html">Kendall (pwn - 300)</a></h2>
<div class="submitted">
02.03.2015 14:00, by <i class="fa fa-user"></i><span class="username">Dor1s</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/pwn.html">pwn</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/32.html">Boston Key Party 2015</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>Description of task is pretty small:</p><p>52.0.164.37:8888</p><p>And <a href="sites/default/files/writeups/kendall.tar_.gz">link</a> to file (ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, stripped).</p><p> </p><p><strong>Solution</strong></p><p>After connecting to the server we receive the following menu:</p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/97.html" rel="tag" title="Kendall (pwn - 300)">Read more<span class="element-invisible"> about Kendall (pwn - 300)</span></a></li>
</ul> </div>
</article>
<article id="node-96" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">21</span>
<span class="month">Jan</span>
</div>
<a href="node.html#node-96" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/96.html">cloudfs forensics(200)</a></h2>
<div class="submitted">
21.01.2015 16:24, by <i class="fa fa-user"></i><span class="username">the_storm</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/forensics.html">forensics</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/31.html">Ghost in the Shellcode CTF Quals 2015</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>We have just finished Ghost in the Shell code CTF in 12th place. Though GITS CTF is usually one of the best CTFs, but this year they weren't that good. The web task had a good idea but wan't correctly implemented, some people got the flag right away from others' exploitations. Forensics tasks wasn't really PURE forensic. Yet, I personally enjoyed the CTF and enjoyed cloudfs challenge. </p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/96.html" rel="tag" title="cloudfs forensics(200)">Read more<span class="element-invisible"> about cloudfs forensics(200)</span></a></li>
</ul> </div>
</article>
<article id="node-95" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">30</span>
<span class="month">Dec</span>
</div>
<a href="node.html#node-95" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/95.html">Rick (malware 15)</a></h2>
<div class="submitted">
30.12.2014 00:16, by <i class="fa fa-user"></i><span class="username">azrael</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/admin.html">admin</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/30.html">31C3 CTF Quals 2014</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>Task description says that "seems like somebody got pwned <a style="box-sizing: border-box; color: #337ab7;" href="http://188.40.18.67/">http://188.40.18.67</a>". When I went to the link I was immediately rickrolled.</p><p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/95.html" rel="tag" title="Rick (malware 15)">Read more<span class="element-invisible"> about Rick (malware 15)</span></a></li>
</ul> </div>
</article>
<article id="node-94" class="node node-blog node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-08">blog</div>
<div class="bookmark">
<span class="day">28</span>
<span class="month">Nov</span>
</div>
<a href="node.html#node-94" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="blog/94.html">This week for our team</a></h2>
<div class="submitted">
28.11.2014 00:57, by <i class="fa fa-user"></i><span class="username">Dor1s</span> </div>
<div class="content">
<div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p class="p1"><span class="s1">This weekend we are going to take part in three on-site final challenges.</span></p><p class="p2"> </p><p class="p1"><span class="s1">First one is <strong>D-CTF 2014 Final</strong> at DefCamp Conference (http://defcamp.ro/) on information security, Bucharest, Romania.</span> </p><p class="p1"><span class="s1">The second is <strong>CSCAMP CTF 2014 Final</strong> held at Cairo, Egypt (http://www.cairosecuritycamp.com/).</span></p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="blog/94.html" rel="tag" title="This week for our team">Read more<span class="element-invisible"> about This week for our team</span></a></li>
</ul> </div>
</article>
<article id="node-93" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">23</span>
<span class="month">Nov</span>
</div>
<a href="node.html#node-93" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/93.html">Collect as much as you can (Crypto 300)</a></h2>
<div class="submitted">
23.11.2014 04:06, by <i class="fa fa-user"></i><span class="username">Dil4rd</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/crypto.html">crypto</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/29.html">CSCAMP CTF Quals 2014</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p>The description contains ip address and port to connect to and hint: IVs.</p><p>When we connect to given ip and port we can find that the server gives us result of encryption and 3 numbers that incrementing sequentially:</p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/93.html" rel="tag" title="Collect as much as you can (Crypto 300)">Read more<span class="element-invisible"> about Collect as much as you can (Crypto 300)</span></a></li>
</ul> </div>
</article>
<article id="node-91" class="node node-writeup node-promoted node-teaser clearfix"> <div class="bookmark-wrapper">
<div class="type bg-0B">writeup</div>
<div class="bookmark">
<span class="day">02</span>
<span class="month">Nov</span>
</div>
<a href="node.html#node-91" class="link"><i class="fa fa-link"></i></a>
</div>
<div class="node-wrapper">
<h2><a href="writeup/91.html">WireTap (Stegano 200)</a></h2>
<div class="submitted">
02.11.2014 22:37, by <i class="fa fa-user"></i><span class="username">Dor1s</span> </div>
<div class="content">
<div class="field field-name-field-category field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Category: </div><div class="field-items"><div class="field-item even"><a href="categories/stego.html">stego</a></div></div></div><div class="field field-name-field-event field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Event: </div><div class="field-items"><div class="field-item even"><a href="event/28.html">No cON Name CTF Finals 2014</a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><p><span data-rz-clipboard="true"><strong>Description:</strong> Does it sound like a flag? Maybe... I don't know...</span></p><p><span data-rz-clipboard="true">File: <a href="https://cloud.mail.ru/public/fd1b20161fe5/wiretap.wav.tar.xz">wiretap.wav</a></span></p><p><strong>Solution:</strong></p><p>Let's quickly analyze the file:</p></div></div></div> </div>
<ul class="links inline"><li class="node-readmore first last"><a href="writeup/91.html" rel="tag" title="WireTap (Stegano 200)">Read more<span class="element-invisible"> about WireTap (Stegano 200)</span></a></li>
</ul> </div>
</article>
<h2 class="element-invisible">Pages</h2><div class="item-list"><ul class="pager"><li class="pager-current first">1</li>
<li class="pager-item"><a title="Go to page 2" href="node%3Fpage=1.html">2</a></li>
<li class="pager-item"><a title="Go to page 3" href="node%3Fpage=2.html">3</a></li>
<li class="pager-item"><a title="Go to page 4" href="node%3Fpage=3.html">4</a></li>
<li class="pager-item"><a title="Go to page 5" href="node%3Fpage=4.html">5</a></li>
<li class="pager-item"><a title="Go to page 6" href="node%3Fpage=5.html">6</a></li>
<li class="pager-item"><a title="Go to page 7" href="node%3Fpage=6.html">7</a></li>
<li class="pager-item"><a title="Go to page 8" href="node%3Fpage=7.html">8</a></li>
<li class="pager-next"><a title="Go to next page" href="node%3Fpage=1.html">next ›</a></li>
<li class="pager-last last"><a title="Go to last page" href="node%3Fpage=7.html">last »</a></li>
</ul></div> </div>
</div></div>
<!-- /.region -->
<a href="rss.xml" class="feed-icon" title="Subscribe to BalalaikaCr3w RSS"><img src="https://ctfcrew.org/misc/feed.png" width="16" height="16" alt="Subscribe to BalalaikaCr3w RSS" /></a> </div>
</div>
<!-- /#content-wrap -->
</div>
<!-- /#content -->
<div id="sidebar-second" class="sidebar span3 site-sidebar-second">
<div class="color-pane bg-0B"></div>
<div class="row-fluid row-block row-block-1">
<div class="region region-sidebar-second clearfix">
<div id="block-system-navigation" class="clearfix block block-system block-menu"> <div class="content"> <ul class="menu nav"><li class="first leaf"><a href="index.html" class="active"><i class="fa fa-home"></i>Home</a></li>
<li class="leaf"><a href="writeups.html"><i class="fa fa-file-text"></i>Writeups</a></li>
<li class="leaf"><a href="tools.html"><i class="fa fa-wrench"></i>Tools</a></li>
<li class="last leaf"><a href="blogs.html"><i class="fa fa-users"></i>Blog</a></li>
</ul> </div>
</div>
<div id="block-views-events-block-1" class="clearfix block block-views"> <h2>Last events</h2>
<div class="content"> <div class="view view-events view-id-events view-display-id-block_1 view-dom-id-40908c07d35d37d29c8073d9c3a7e639">
<div class="view-content">
<div class="views-row views-row-1 views-row-odd views-row-first">
<div class="views-field views-field-name"> <span class="field-content"><a href="event/32.html">Boston Key Party 2015</a></span> </div> </div>
<div class="views-row views-row-2 views-row-even">
<div class="views-field views-field-name"> <span class="field-content"><a href="event/36.html">Boston Key Party CTF 2016</a></span> </div> </div>
<div class="views-row views-row-3 views-row-odd views-row-last">
<div class="views-field views-field-name"> <span class="field-content"><a href="event/35.html">EKOPARTY PRE-CTF 2015</a></span> </div> </div>
</div>
<div class="more-link">
<a href="events.html">
all events </a>
</div>
</div> </div>
</div>
</div>
<!-- /.region -->
</div>
<div class="color-pane bg-09"></div>
<div class='row-fluid row-block row-block-2'>
<ul class="nav">
<li><a href="user.html"><i class="fa fa-sign-in"></i>Sign in</a></li>
</ul>
</div>
</div>
<!-- /#sidebar-second --> </div>
</div>
</div>
<!-- /#main, /#main-wrapper -->
<div id="footer" class="clearfix site-footer" role="contentinfo">
<div class="container">
<div id="footer-content" class="row-fluid footer-content"> <div class="region region-footer clearfix">
<div id="block-block-1" class="clearfix block block-block"> <div class="content"> <p>All articles, writeups, tools and software are copyrighted by their respective authors.<br>© <a href="index.html">Balalaika Cr3w</a>, Russian CTF team, 2014</p> </div>
</div>
</div>
<!-- /.region -->
</div>
</div>
</div>
<!-- /#footer --> <script type="text/javascript" src="sites/all/modules/syntaxhighlighter/syntaxhighlighter.min.js%3Fqtecp0"></script>
</body>
</html>