NiNi's Den

2019::PlaidCTF

Word count: 158Reading time: 1 min
2019/05/01 Share

Played with Balsn, and get 4th this time.
I have to construct my payload more carefully, wasted too much time on debugging.

This is not a writeup for reading, just a kind of reminder for myself.

Misc::space saver

Solution1

  • binwalk --dd=".*" space.dd
  • formost would extract the same png, but missing the most important part !!
  • The password of rar is concated after the keyword IEND of each png

Solution2

  • mount the dd mount -o loop space.dd /mnt/tmp
  • scan for searching deleted files

Misc::can you guess me

intuitive solution

also my solution

print(vars())

error base

this is interesting

help(flag)

intended solution

It’s persuasive, because exec

link

Misc::Project Eulernt

Factor + random permutation and greedy

This should be more efficiency ?

Factor + dfs

This is the first thought came to my mind, did not find this solution on CTFtime’s wirteup.
But the writeup released by team ranked 2nd and 3rd are this kind.

Original Author: Terrynini

Original link: http://blog.terrynini.tw/en/2019-PlaidCTF/

Publish at: May 1st 2019, 10:50:47

Copyright: This article is licensed under CC BY-NC 4.0

CATALOG
  1. 1. Misc::space saver
    1. 1.1. Solution1
    2. 1.2. Solution2
  2. 2. Misc::can you guess me
    1. 2.1. intuitive solution
    2. 2.2. error base
    3. 2.3. intended solution
  3. 3. Misc::Project Eulernt
    1. 3.1. Factor + random permutation and greedy
    2. 3.2. Factor + dfs