RSS
 

Hackvent 2019: Day 22

23 Dec 2019

  Challenge HV19.22 The command … is lost

Resource mirror: thecommand7.data Solution We inspect our data file and Google some of the hex sequences inside like :100000000C9435000C945D000C945D000C945D0024 and :00000001FF . We soon realise its the hex dump (or machine code) for a program for an AVR micro controller. Based on our search it seems like the dump…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 21

21 Dec 2019

  Challenge HV19.21 Happy Christmas 256

Solution We review the clues the elves gave us and first start by trying to find Santa password that was leaked 10 years ago. We are looking for data breaches in 2009 so we look at a list of data breaches. We find that the rockyou breach was the biggest…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 20

20 Dec 2019

  Challenge HV19.20 i want to play a game

Resource mirror: HV19-game.zip Solution We are given a binary and told it is something obscure we have to reverse. We download the binary and open it in IDA. After some digging around we realise the file has something to do with the PS4 and this is consistent…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 19

20 Dec 2019

  Challenge HV19.19 ?

  Solution   We see a bunch of emoji and immediately think its EmojiCode! Initially we want to play around with the code so we go tio.run/#emojicode6 and enter in our code. Upon running our code we get a prompt and entering random input crashes our program to panick and crash:…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 18

20 Dec 2019

  Challenge HV19.18 Dance with me

Resource mirror: HV19-dance.zip Solution   In our zip file we get a dance binary that we discover is an arm binary. After some digging around we find out that it is in fact a DEB and written for iOS. We attempt to run the code in an emulator like…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 17

17 Dec 2019

  Challenge HV19.17 Unicode Portal

  Solution We visit the unicode portal and are presented with a very cool website: We have to login before we can view the symbols, source or admin page. We register an account (only username and password is needed). Upon logging in we see a symbols page, a source page and…read more.

 
1 Comment

Posted in Hackvent 2019

 

Hackvent 2019: Day 16

16 Dec 2019

  Challenge HV19.16 B0rked Calculator

Resources: HV19.16-b0rked.zip Solution We are presented with a x86 Windows binary file. Upon inspection it looks to be a simple calculator but unfortunately its borked! It supports the following operations: + -  *  and /. However, it seems like it either ignores the left or right operand in calculations. In…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 15

15 Dec 2019

  Challenge HV19.15 Santa’s Workshop

Page snapshot:

Solution NOTE: Unfortunately, the server for this challenge was broken for a long time and caused a lot of pain and suffering. In the end it took 6 hours longer than it needed to. We land on a nice landing page with a counter which counts upwards.…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Hidden 4

14 Dec 2019

  Challenge HV19.H4 Hidden Four   Solution During the Day 14 challenge HV19.14 Achtung das Flag, our final flag looks quite interesting: HV19{s@@jSfx4gPcvtiwxPCagrtQ@,y^p-za-oPQ^a-z\x20\n^&&s[(.)(..)][\2\1]g;s%4(...)%"p$1t"%ee} The hints in the __DATA__ segment point us in the right direction:

So we evaluate the string as Perl code like so:

This prints out the content of our hidden flag:…read more.

 
No Comments

Posted in Hackvent 2019

 

Hackvent 2019: Day 14

14 Dec 2019

  Challenge HV19.14 Achtung das Flag

  Solution We are provided with some Perl code so we decide to run it. We realise we need the Tk module which seems to be some GUI library for Perl. After running the code we are presented with a game which allows us to control the…read more.

 
No Comments

Posted in Hackvent 2019