Here is my collection of write-ups for the 2024 edition of the Swiss Hacking Challenge.
This was the first time I tried a CTF competition - something I was always curious about, but never really got into. It was great fun to revive the memories of things I used to do decades ago 👴 - and see how they apply (or not) to the world of 2024.
I did not really intend to "compete" with the elite 😂 - I just wanted to try a few challenges that I liked for some reason (those marked with ⭐, mainly involving decompilation / disassembly). Then, just for the stats, I couldn't resist solving some of the other easy ones 😊
Overall, it was clear that I lacked experience here. Looking at Coderion's writeups, I realized just how overengineered some of my solutions were 🤦🤦🤦. Two main examples:
a-smap-in-the-face:
- My solution: full rev-eng of randomized offsets in kernel structs, correlating kernel disassembly with source code, overwrite these structs in the TCB, write a micro exploit in assembly for all that, with a hand-tuned ELF header...
- Better solution: Just exploit modprobe_path, use musl-gcc to produce a small executable.
train-dilemma-to-work:
- My solution: analyze and disable debugger detection, decrypt all the encrypted code (persistently, by patching the binary!), insert hand-crafted assembly payloads in multiple places to extract the flag at runtime...
- Better solution: Just grab a (decrypted, unlocked) core while the program is running, analyze from there, rewrite key routines in Python.
But also in many other challenges, I see that what I thought was a complex problem that needed to be "solved" from first principles in reality has a "there is a (tool|web page|library) for this" answer.
Lots of fun nevertheless. Thanks to the organizers for providing it!