Rev

This is the second part of my adoption of …ing the technical interview. A blog series by Aphyr about writing programs in funny, non-standard ways. Again this is a writeup of a CTF challenge I created. Specifically, the dive in the lake challenge of LakeCTF, organized by the CTF of EPFL polygl0ts. Since, the last technical interview in Java was apparently not enough to get me hired as a performance engineer, I need to go to the binary level.

I really like the blog series …ing the technical interview from Aphyr. Besides the humor, I enjoy seeing Turing completeness in parts of systems that many people use but that were not designed to write entire programs in. Jeg snakker lite norsk and I can’t write anything as funny as the original. But I write CTF challenges from time to time. CTF reverse engineering challenges are the perfect place for implementing such weird things and getting the joy of many people trying to figure it out.

Ghidra is a fairly complex reverse engineering tool, that has a lot of great features, that are not really intuitive to use. This talk was given together with intrigus for our CTF team KITCTF. It touches on many interesting but not easy to use features, specifically: Importing processor manuals Syncing decompiler and debugger pcode emulation Ghidra scripts in Java, and how you one use python 3 instead of python 2.7 Function signatures, how to use them in static binaries and how they work internally Adding custom architectures The slides should be navigated with n and p instead of arrow keys, because they are 2D slides.

With my CTF team KITCTF, each semester we do introductory talks about how get started with CTFs. I prepared an introductory talk about reverse engineering, that is meant to provide that absolute basics. You can find the slides here.

I talked about how C++ reverse engineering is very different from C reveres engineering. The talk touches on a research project I did at HexHive about a subtopic in that space. However, it is meant as a general introduction. Unfortunately, I can only provide you the slides and not the live demo. These are 2D slides so use n and p to navigate instead of the arrow keys.

Note: Navigate the presentation with n and p keys. There are 2D slides. Presentation about: large scale empirical ethereum smart contract analysis There is also a blog post about the findings.

Read more writeups at kitctf.de Challenge description: Our lab administrator has just passed out from a strange virus. Please help us find the password to his messaging app so we can identify what he was working on and save his life. We are given an apk (Android Package) starting it, it asks for username and password to enter. It does not require any network connection, so it is a classical CrackMe.

Tenbagger #Challenge description: I think I took it too far and made some trades and lost everything. My only chance to fix my account balance is a tenbagger. We are given a pcap and open in Wireshark. It contains a lot of what looks like normal web browsing. But somewhere in there are a few FIX messages. FIX is the Financial Information eXchange protocol. First, I thought that we need to get the credentials from the FIX login, but there are no such packages.