Cool little challenge, we’re given a hostname and port. When we connect we’re presented with a ‘>’ prompt and we have to deduce the environment we’re in then exploit it.
Only got to spend 2 hours on this CTF sadly as it was mid-week for me. Sadly because the site was so well designed and the challenges seemed reasonably set. Anyway this was one of the few I solved and I was drawn to it because - QR codes - who doesn’t love those?
According to the challenge text this was a re-implemented challenge first seen at the AISA 2015 CTF. Since that was an onsite event I had not seen or heard of it before. So I approached it as a new challenge.
Defcon Quals 2016 were held over the weekend, while I didn’t qualify for the finals (any teams wanting a stand in ? Let me know ) I did become intrigued by the CGC challenges that were presented. Today I’m writing up the solution to LEGIT_0003. The most basic of the CGC challenge binaries (CB). I’m going to write it from a complete dummies perspective because that’s what I was (AM).
Defcon is over for another year. Well I think the guys went ahead and redefined what constitutes a good CTF yet again. Hard and focused, but very good and I don’t know how I feel about going back to other CTFs now. Still let’s move forward with a discussion about these trio of Cyber Grand Challenge binary problems we received over the weekend.