Hacking
Web Temp Server (Python)
from http.server import SimpleHTTPRequestHandler, HTTPServer
from urllib.parse import unquote

class CustomRequestHandler(SimpleHTTPRequestHandler):
    def end_headers(self):
        self.send_header('Access-Control-Allow-Origin', '*')  # Allow requests from any origin
        self.send_header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS')
        self.send_header('Access-Control-Allow-Headers', 'Content-Type')
        super().end_headers()

    def do_GET(self): ...
0x00 Challenge Info A test! Getting onto the team is one thing, but you must prove your skills to be chosen to represent the best of the best. They have given you the classic - a restricted environment, devoid of functionality, and it is up to you to see what you can do. Can you break open the chest? Do you have what it takes to bring humanity from the brink? 0x01 Reconnaissance This challenge is a Python jail (Pyjail). Let’s check the challenge code first. banner = r""" .____ ...
StudyNotes
Prologue Fermat’s Little Theorem is quite often seen in CTF contests, so let’s dive into this article to learn more about it! Math is powerful! Required Knowledge $a\equiv{b}\pmod{k}\Leftrightarrow{k}\mid(a-b)$ $a\equiv{b}\pmod{k}\quad\text{and}\quad c\equiv{d}\pmod{k}\Leftrightarrow a+c\equiv b+c\pmod{k}$ $a\equiv{b}\pmod{k}\quad\text{and}\quad c\equiv{d}\pmod{k}\Leftrightarrow ac\equiv bd\pmod{k}$ ...
0x00 Challenge Info Gotta collect them all. 0x01 Reconnaissance We have a zip file, and after we unzip it, we get an executable file called HackTheBox CubeMadness1.exe. First, we can run the file to see what’s going on and what this game is about. In this game, we can use the left/right arrows to control the white cube (?) and use space to jump, and it also allows jumping in the air. The challenge description said that we should collect all the cubes, but when we try to get all of them by pl ...
Prologue I decided to write this to help myself better understand the attacks on RSA or other cryptosystems. And if this can help you, that would be my honor! Also, all the code in this note will be in Python since it’s the most used exploit scripting language in CTFs. Let’s start! Euclidean Algorithm Intro It’s an algorithm to calculate the GCD (Greatest Common Divisor) of 2 numbers, and in Chinese, it’s called 輾轉相除法 BTW. Principles It’s a recursive algorithm, so every step’s output is the i ...
LifeAndTalk
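青雲路: About Us, the Mingdao Debate Club (明道辯論社) Not the main text The following is what we wrote when we stepped down from our officer positions, putting three years of experience into words. It was meant as a reference for the junior members who came after us, and we also hoped it would help more people understand the true meaning of debate. Rereading these words today, I am still deeply struck by how much those three years shaped my life, so I have copied them here. I do not know how long this article, or this spirit, can survive in this form, but I at least hope I can keep this memory safe. Foreword: Debate? In most people's eyes, debate is just a group of people getting together to argue. Perhaps it is because of the established impression left by debates in Taiwan's political arena, or perhaps because of the feeling the word itself carries, that people hold this stereotype of debate. But real debate, as the art of persuasion, is by no means as simple as "arguing". In fact, describing this activity with the word "arguing" alone is far too crude and flat. The world of debate is more exciting and varied than most people imagine: every motion is a journey of critical thinking, and in every match you can see the beauty of elegant emotion and reason interwoven. As retired officers of the Mingdao Debate Club, we want you to know what you can gain in the club. Through this explanation we also sketch the outline of a debate competition. If you want a fuller view of what debate looks like, come join the Mingdao Debate Club and take part in competitions! Research, analysis and deconstruction skills First, before a competition, we need to gather a large amount of background material on the motion, as well as the affirmative and negative sides' ...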
0x00 Challenge Info As a part of our SDLC process, we’ve got our firmware ready for security testing. Can you help us by performing a security assessment? 0x01 Reconnaissance We will get a file called firmware.bin, and we can use binwalk to extract the data from the bin file. binwalk -e firmware.bin And the operation will create a directory called _firmware.bin.extracted. So we can go in there and check what is inside. We will find out it’s actually messy in there, which means we cannot easily g ...
StudyNotes
Fundamentals of Logic Statements Statements (or propositions) Declarative sentences that are either true or false but not both Primitive statements There is really no way to break them down into anything simpler New statements can be obtained from existing ones in two ways Negation We do not consider the negation of a primitive statement to be a primitive statement The negation statement of $p$ is $\neg{p}$ NOT Compound statements, using the following logical connectives Conjunc ...
0x00 Challenge Info After struggling to secure our secret strings for a long time, we finally figured out the solution to our problem: Make decompilation harder. It should now be impossible to figure out how our programs work! 0x01 Reconnaissance First we can run the binary to see what’s going on. ┌──(kali㉿kali)-[~/CTF/rev_behindthescenes] └─$ ./behindthescenes ./challenge <password> It tells us we should put some password as the argument to execute this. Next step, I check the printable str ...
0x00 Challenge Info We’ve located the adversary’s location and must now secure access to their Optical Network Terminal to disable their internet connection. Fortunately, we’ve obtained a copy of the device’s firmware, which is suspected to contain hardcoded credentials. Can you extract the password from it? 0x01 Reconnaissance It gave us a zip file. So we first unzip it with the password hackthebox. Then we can see a directory called ONT which stands for Optical Network Terminal. The interest ...