CTF-All-In-One/doc/6.4_writeup.md
2017-07-17 23:20:12 +08:00

1.7 KiB

6.4 习题答案

  • 一、基础知识篇

  • [1.1 ctf 介绍]

  • 二、工具篇

  • [2.1 gdb/peda]

  • [2.2 ollydbg]

  • [2.3 windbg]

  • [2.4 radare2]

  • [2.5 IDA Pro]

  • [2.6 pwntools]

  • 三、分类专题篇

  • [3.1 Reverse]

  • [3.2 Crypto]

  • [3.3 Pwn]

  • [3.4 Web]

  • [3.5 Misc]

  • [3.6 Mobile]

  • 四、技巧篇

  • 五、高级篇

  • 六、附录

  • 6.1 更多 Linux 工具

  • [6.2 更多 Windows 工具]

  • [6.3 博客、文章和书籍]

  • [6.4 习题 write-up]

6.1 更多 Linux 工具

Strings - strings_crackme

[firmy@Reverse]$ strings -e L strings_crackme
w0wgreat

Strings - flag_pwnablekr

[firmy@Reverse]$ ./flag_pwnablekr 
I will malloc() and strcpy the flag there. take it.
[firmy@Reverse]$ strings flag_pwnablekr | grep UPX
UPX!
$Info: This file is packed with the UPX executable packer http://upx.sf.net $
$Id: UPX 3.08 Copyright (C) 1996-2011 the UPX Team. All Rights Reserved. $
UPX!
UPX!
[firmy@Reverse]$ upx -d flag_pwnablekr 
                       Ultimate Packer for eXecutables
                          Copyright (C) 1996 - 2017
UPX 3.94        Markus Oberhumer, Laszlo Molnar & John Reiser   May 12th 2017
        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
    883745 <-    335288   37.94%   linux/amd64   flag_pwnablekr
Unpacked 1 file.
[firmy@Reverse]$ strings flag_pwnablekr | grep -i upx
UPX...? sounds like a delivery service :)

xxd - xxd_crackme

[firmy@Reverse]$ xxd -g1 xxd_crackme
......
00001020: 00 00 00 00 67 30 30 64 4a 30 42 21 00 00 00 00  ....g00dJ0B!....
......
[firmy@Reverse]$ strings -d xxd_crackme 
......
g00dJ0B!
......