Reversing this program is made frustrating by the fact that it was written in OCaml, generating many instructions that maintain internal structures, check stack alignment, etc. It becomes clear that in order to get the flag, we must pass the checks performed by each function within a list.
It is clear the binary has been messed with, and from both the description and name of the task, we hypothesize that bytes have only been shuffled around, not otherwise modified (via encryption, XOR, etc.).
If you know of a link we have missed, please let us know in the comments and we will add it shortly.
Digital Operatives understands the importance of protecting sensitive information—such as a lawfirm’s clients’ property—and can provide specialized services for such specialized entities.
We had a great time solving a few problems from the Ghost in the Shellcode CTF this past weekend and wanted to have an easy place with links to write-ups from all around the Internet, so we created it here. If you know of a link we have missed, please let us know in the comments and we will add it shortly.
Spill and Ossman propose using a special error correcting code that has a property they call “isolation.” They call this family of codes “Isolated Complementary Binary Linear Block Codes” (ICBLBC). We implemented a generator that encodes the ICBLBC constraints as a Satisfiability Modulo Theories problem and used Digital Operatives’ proprietary constraint optimizer to enumerate all feasible solution codes.
The second audio stream is an SSTV stream containing image information. The text is the contents of an Aperture Science Image!
apt-get install wamerican-small, strip the vimcrypt header, convert it to a C array, and write a quick solver by using vim’s source code.
Assuming there’s more to whitespace than meets the eye, we search for all non-whitespace characters and remove them.
In .NET assemblies, String obfuscation is most often implemented by passing a series of nonsensical arguments to a deobfuscation method which then returns the deobfuscated string to a method. In this post, you will learn some quick and dirty methods of using reflection to automate string deobfuscation in .NET assemblies.