Some basic hacking techniques via example: NoNameCon badge by Oleksii Sobolevskyi

Basic hacking techniques via example: NoNameCon badge Oleksii Sobolevskyi Software
Engineer

https://www.nonamecon.org/badge

Capture the Flag (CTF) — это игра, в которой участники
пытаются захватить флаг противников и защитить свой.

1. Mr Bean Walker – reverse engineering 2. BruteSearcher –
web application security 3. NoNameCon SpyNet – web application security 4. Ployka PWNer – cryptography 5. Binary Hero – reverse engineering 6. Side Blennel – steganography https://www.nonamecon.org/badge

https://youtu.be/chfoAWevHMs

http://dirb.sourceforge.net/

XSS (англ. Cross-Site Scripting — «межсайтовый скриптинг») — тип атаки
на веб-системы, заключающийся во внедрении в выдаваемую веб-системой страницу вредоносного кода (который будет выполнен на компьютере пользователя при открытии им этой страницы) и взаимодействии этого кода с веб-сервером злоумышленника.

https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet

https://github.com/tintinweb/ecdsa-private-key-recovery

https://docs.espressif.com/projects/esp-idf/en/release-v3.2/get-started/macos-setup.html#toolchain-setup

https://github.com/radareorg/cutter

https://0x04.net/~mwk/doc/xtensa.pdf

sprintf a10, a11, a12, a13, a14, a15

a10 = ﬂag{%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x}

a11 = ﬂag{%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x}

a11 = ﬂag{%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x} 14 x %02x ( 2 hex digit
of integer )

sprintf a10, a11, a12, a13, a14, a15 , a1+0, a1+4,
… a1+36

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 ???

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 81 = 0x51

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 a1+0 = a13

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 a1+0 = 0xd2

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 a1+4 = a8

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 a8 = 0x53

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 a1+4 = 0x53

a12, a13, a14, a15 , a1+0, a1+4, a1+8, a1+12, a1+16,
a1+20, a1+24, a1+28, a1+32, a1+36 0xbf, 0xd2, 0x51, 0xb9, 0xd2, 0x53, 0xab, 0xa, 0xea, 0x83, 0x55, 0x4e, 0xfb, 0x8d

https://play.google.com/store/apps/details?id=no.nordicsemi.android.mcp https://play.google.com/store/apps/details?id=com.macdom.ble.blescanner

• https://www.nonamecon.org/badge • screen • strings • dirb (http://dirb.sourceforge.net/) •
https://xsshunter.com/ • https://github.com/tintinweb/ecdsa-private-key-recovery • https://docs.espressif.com/projects/esp-idf/en/release-v3.2/get- started/macos-setup.html#toolchain-setup • https://github.com/radareorg/cutter • https://0x04.net/~mwk/doc/xtensa.pdf • https://play.google.com/store/apps/details? id=no.nordicsemi.android.mcp • https://play.google.com/store/apps/details? id=com.macdom.ble.blescanner • https://play.google.com/store/apps/details? id=com.macdom.ble.blescanner • base64

https://github.com/search?q=ctf+writeup https://cryptopals.com/ https://ctftime.org/

Some basic hacking techniques via example: NoNa...

Some basic hacking techniques via example: NoNameCon badge by Oleksii Sobolevskyi

More Decks by MacPaw Tech Talks

Other Decks in Programming

Featured

Transcript