aaron/htb-santa-ctf
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
master
htb-santa-ctf/reversing/infiltration
History
aaron 6d35d9bc1d add small writeup for infiltration
2021-12-03 17:02:10 +01:00
..
ghidra
add giftwrap challenge
2021-12-02 19:23:33 +01:00
client
add giftwrap challenge
2021-12-02 19:23:33 +01:00
flag
add giftwrap challenge
2021-12-02 19:23:33 +01:00
README.md
add small writeup for infiltration
2021-12-03 17:02:10 +01:00
target
add giftwrap challenge
2021-12-02 19:23:33 +01:00

README.md

Infiltration

Flag

HTB{n0t_qu1t3_s0_0p4qu3}

How to solve

  • The client software connects to a server and tries to authenticate
  • Dont even bother to disassemble the binary or capture the traffic
  • The flag can be obtained using strace
strace /.client $server $port

... snip ...

recvfrom(3,
"\330|a?\7\212j\321\256C\37\33:\31\215x\325\327p\3528\202N\361V:\207\r\275\255+=",
32, 0, NULL, NULL) = 32
sendto(3,
"\205'u\25~\240<\301`\274\6\2075Dj\230\374\300\314\243%\1\202#\374\350K\216P\250\373\302",
32, 0, NULL, 0) = 32
recvfrom(3, "\0", 1, 0, NULL, NULL)     = 1
recvfrom(3, "HTB{n0t_qu1t3_s0_0p4qu3}", 1024, 0, NULL, NULL) = 24
newfstatat(1, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...},
AT_EMPTY_PATH) = 0
brk(NULL)                               = 0x55ce61a03000
brk(0x55ce61a24000)                     = 0x55ce61a24000
write(1, "[!] Untrusted Client Location - "..., 53[!] Untrusted Client Location
- Enabling Opaque Mode
) = 53
exit_group(0)                           = ?
+++ exited with 0 +++
Reference in New Issue View Git Blame Copy Permalink