G33K @ Work | Geeky stuff

TAG | exploit

This blog post describes how we at StratumAuhuur solved the pirate_danbi challenge in the Codegate 2015 Preliminary CTF.


The binary is a simple server started via inetd. After startup it generates two strings containing the IP address of the client, to be used as filenames for storing a bz2-compressed file and the extracted bz2 file in /tmp. It also reads an 8-byte key file from disk.
(more …)


This writeup explains how we (Andreas Straub, rep and myself as part of 0ldEr0pe) ended up pwning the musicman service during the 2013 DEF CON CTF qualifying (for which we didn’t qualify this year. meh!).


The service listens on TCP port 7890. As soon as you connect, it starts throwing binary data at you. After dumping that data into a file, we recognized that this is a WAV audio file. After fucking everybody up by playing the high-pitch noise contained in that file a few times for the lulz, we opened it up in Audacity and saw some obvious structures:

The WAV-file we got from musicman in Audacity

That doesn’t look or sound like normal music. (more …)
