add 6.1.24 6.1.25

This commit is contained in:
firmianay 2018-05-04 22:56:51 +08:00
parent 38adff96ae
commit 8fe1a305ae
17 changed files with 63 additions and 111 deletions

View File

@ -28,13 +28,6 @@ GitHub 地址https://github.com/firmianay/CTF-All-In-One
* [1.5.9 Linux 内核](doc/1.5.9_linux_kernel.md) * [1.5.9 Linux 内核](doc/1.5.9_linux_kernel.md)
* [1.5.10 Windows 内核](doc/1.5.10_windows_kernel.md) * [1.5.10 Windows 内核](doc/1.5.10_windows_kernel.md)
* [1.6 密码学基础](doc/1.6_crypto_basic.md) * [1.6 密码学基础](doc/1.6_crypto_basic.md)
* [1.6.1 初等数论](doc/1.6.1_number_theory.md)
* [1.6.2 近世代数](doc/1.6.2_modern_algebra.md)
* [1.6.3 流密码](doc/1.6.3_stream_cipher.md)
* [1.6.4 分组密码](doc/1.6.4_block_cipher.md)
* [1.6.5 公钥密码](doc/1.6.5_public-key_crypto.md)
* [1.6.6 哈希函数](doc/1.6.6_hash.md)
* [1.6.7 数字签名](doc/1.6.7_digital_signature.md)
* [1.7 Android 安全基础](doc/1.7_android_basic.md) * [1.7 Android 安全基础](doc/1.7_android_basic.md)
* [1.7.1 Android 环境搭建](doc/1.7.1_android_env.md) * [1.7.1 Android 环境搭建](doc/1.7.1_android_env.md)
* [1.7.2 Dalvik 指令集](doc/1.7.2_dalvik.md) * [1.7.2 Dalvik 指令集](doc/1.7.2_dalvik.md)
@ -154,6 +147,8 @@ GitHub 地址https://github.com/firmianay/CTF-All-In-One
* [6.1.21 pwn HITCONCTF2016 Secret_Holder](doc/6.1.21_pwn_hitconctf2016_secret_holder.md) * [6.1.21 pwn HITCONCTF2016 Secret_Holder](doc/6.1.21_pwn_hitconctf2016_secret_holder.md)
* [6.1.22 pwn HITCONCTF2016 Sleepy_Holder](doc/6.1.22_pwn_hitconctf2016_sleepy_holder.md) * [6.1.22 pwn HITCONCTF2016 Sleepy_Holder](doc/6.1.22_pwn_hitconctf2016_sleepy_holder.md)
* [6.1.23 pwn BCTF2016 bcloud](doc/6.1.23_pwn_bctf2016_bcloud.md) * [6.1.23 pwn BCTF2016 bcloud](doc/6.1.23_pwn_bctf2016_bcloud.md)
* [6.1.24 pwn HCTF2017 babyprintf](doc/6.1.24_pwn_hctf2017_babyprintf.md)
* [6.1.25 pwn 34C3CTF2017 300](doc/6.1.25_pwn_34c3ctf2017_300.md)
* Reverse * Reverse
* [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md) * [6.2.1 re XHPCTF2017 dont_panic](doc/6.2.1_re_xhpctf2017_dont_panic.md)
* [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md) * [6.2.2 re ECTF2016 tayy](doc/6.2.2_re_ectf2016_tayy.md)

View File

@ -1 +0,0 @@
# 1.6.1 初等数论

View File

@ -1 +0,0 @@
# 1.6.2 近世代数

View File

@ -1,11 +0,0 @@
# 1.6.3 流密码
- [流密码概述](#流密码概述)
- [参考资料](#参考资料)
## 流密码概述
## 参考资料
- [Stream cipher](https://en.wikipedia.org/wiki/Stream_cipher)

View File

@ -1,57 +0,0 @@
# 1.6.4 分组密码
- [分组密码概述](#分组密码概述)
- [Feistel 密码结构](#feistel-密码结构)
- [数据加密标准](#数据加密标准)
- [DES](#des)
- [3DES](#3des)
- [高级加密标准](#高级加密标准)
- [分组密码工作模式](#分组密码工作模式)
- [电子密码本模式](#电子密码本模式)
- [密码分组链接模式](#密码分组链接模式)
- [密码反馈模式](#密码反馈模式)
- [输出反馈模式](#输出反馈模式)
- [计数器模式](#计数器模式)
- [参考资料](#参考资料)
## 分组密码概述
#### Feistel 密码结构
Feistel 结构是分组密码的一个通用结构。其加密算法的输入是长度为 2*w* 比特的明文分组及密钥 *K*。明文分组被分为两半:![L0][1] 和 ![R0][2]
![](../pic/1.6.4_feistel.png)
## 数据加密标准
#### DES
#### 3DES
## 高级加密标准
## 分组密码工作模式
#### 电子密码本模式
#### 密码分组链接模式
#### 密码反馈模式
#### 输出反馈模式
#### 计数器模式
## 参考资料
- [Block cipher](https://en.wikipedia.org/wiki/Block_cipher)
- [Data Encryption Standard](https://en.wikipedia.org/wiki/Data_Encryption_Standard)
- [Advanced Encryption Standard](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard)
- [Block cipher mode of operation](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation)
[1]: http://chart.apis.google.com/chart?cht=tx&chl=L_0
[2]: http://chart.apis.google.com/chart?cht=tx&chl=R_0

View File

@ -1,12 +0,0 @@
# 1.6.5 公钥密码
- [参考资料](#参考资料)
- [RSA](#rsa)
## RSA
## 参考资料
- [Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography)
- [RSA (cryptosystem)](https://en.wikipedia.org/wiki/RSA_(cryptosystem))

View File

@ -1,7 +0,0 @@
# 1.6.6 哈希函数
- [参考资料](#参考资料)
## 参考资料
- [Hash function](https://en.wikipedia.org/wiki/Hash_function)

View File

@ -1,7 +0,0 @@
# 1.6.7 数字签名
- [参考资料](#参考资料)
## 参考资料
- [Digital signature](https://en.wikipedia.org/wiki/Digital_signature)

View File

@ -1,9 +1 @@
# 1.6 密码学基础 # 1.6 密码学基础
- [1.6.1 初等数论](1.6.1_number_theory.md)
- [1.6.2 近世代数](1.6.2_modern_algebra.md)
- [1.6.3 流密码](1.6.3_stream_cipher.md)
- [1.6.4 分组密码](1.6.4_block_cipher.md)
- [1.6.5 公钥密码](1.6.5_public-key_crypto.md)
- [1.6.6 哈希函数](1.6.6_hash.md)
- [1.6.7 数字签名](1.6.7_digital_signature.md)

View File

@ -19,6 +19,7 @@ $ strings libc-2.19.so | grep "GNU C"
GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.7) stable release version 2.19, by Roland McGrath et al. GNU C Library (Ubuntu EGLIBC 2.19-0ubuntu6.7) stable release version 2.19, by Roland McGrath et al.
Compiled by GNU CC version 4.8.2. Compiled by GNU CC version 4.8.2.
``` ```
32 位程序,开启了 Canary 和 NX默认开启 ASLR。
## 题目解析 ## 题目解析

View File

@ -0,0 +1,29 @@
# 6.1.24 pwn HCTF2017 babyprintf
- [题目复现](#题目复现)
- [题目解析](#题目解析)
- [漏洞利用](#漏洞利用)
- [参考资料](#参考资料)
[下载文件](../src/writeup/6.1.24_pwn_hctf2017_babyprintf)
## 题目复现
```
$ file babyprintf
babyprintf: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=5652f65b98094d8ab456eb0a54d37d9b09b4f3f6, stripped
$ checksec -f babyprintf
RELRO STACK CANARY NX PIE RPATH RUNPATH FORTIFY Fortified Fortifiable FILE
Partial RELRO Canary found NX enabled No PIE No RPATH No RUNPATH Yes 1 2 babyprintf
$ strings libc-2.24.so | grep "GNU C"
GNU C Library (Ubuntu GLIBC 2.24-9ubuntu2.2) stable release version 2.24, by Roland McGrath et al.
Compiled by GNU CC version 6.3.0 20170406.
```
## 题目解析
## 漏洞利用
## 参考资料
- https://github.com/spineee/hctf/tree/master/2017/babyprintf

View File

@ -0,0 +1,29 @@
# 6.1.25 pwn 34C3CTF2017 300
- [题目复现](#题目复现)
- [题目解析](#题目解析)
- [漏洞利用](#漏洞利用)
- [参考资料](#参考资料)
[下载文件](../src/writeup/6.1.25_pwn_34c3ctf2017_300)
## 题目复现
```
$ file 300
300: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=5f43b102f0fe3f3dd770637f1d244384f6b2a1c9, not stripped
$ checksec -f 300
RELRO STACK CANARY NX PIE RPATH RUNPATH FORTIFY Fortified Fortifiable FILE
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH Yes 0 2 300
$ strings libc.so.6 | grep "GNU C"
GNU C Library (Ubuntu GLIBC 2.24-9ubuntu2.2) stable release version 2.24, by Roland McGrath et al.
Compiled by GNU CC version 6.3.0 20170406.
```
## 题目解析
## 漏洞利用
## 参考资料
- https://ctftime.org/task/5172

View File

@ -24,6 +24,8 @@
* [6.1.21 pwn HITCONCTF2016 Secret_Holder](6.1.21_pwn_hitconctf2016_secret_holder.md) * [6.1.21 pwn HITCONCTF2016 Secret_Holder](6.1.21_pwn_hitconctf2016_secret_holder.md)
* [6.1.22 pwn HITCONCTF2016 Sleepy_Holder](6.1.22_pwn_hitconctf2016_sleepy_holder.md) * [6.1.22 pwn HITCONCTF2016 Sleepy_Holder](6.1.22_pwn_hitconctf2016_sleepy_holder.md)
* [6.1.23 pwn BCTF2016 bcloud](6.1.23_pwn_bctf2016_bcloud.md) * [6.1.23 pwn BCTF2016 bcloud](6.1.23_pwn_bctf2016_bcloud.md)
* [6.1.24 pwn HCTF2017 babyprintf](6.1.24_pwn_hctf2017_babyprintf.md)
* [6.1.25 pwn 34C3CTF2017 300](6.1.25_pwn_34c3ctf2017_300.md)
* Reverse * Reverse
* [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md) * [6.2.1 re XHPCTF2017 dont_panic](6.2.1_re_xhpctf2017_dont_panic.md)
* [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md) * [6.2.2 re ECTF2016 tayy](6.2.2_re_ectf2016_tayy.md)

Binary file not shown.

Binary file not shown.

Binary file not shown.