https://blog.zars.me/tags/python/Recent content in Python on Tyler's BlogHugoen-us© AthulSat, 17 Jun 2023 12:13:32 +0530https://blog.zars.me/posts/nahamctf2023/Sat, 17 Jun 2023 12:13:32 +0530https://blog.zars.me/posts/nahamctf2023/I keep having busy weekends and I wish I had a touch more time to grind out the challenges I had left for this CTF. Awesome challenges by the authors! Thanks for the fun CTF nahamsec team! Glasses 50 points - Warmups - 955 Solves - easy Author: @JohnHammond#6971 Everything is blurry, I think I need glasses! We can’t inspect element with a mouseclick. No worries, just use the keyboard shortcut (or on Mac the menu still pops).https://blog.zars.me/posts/byuctf2023/Sun, 28 May 2023 12:13:32 +0530https://blog.zars.me/posts/byuctf2023/I didn’t complete this while it was running due to travelling but went back after and tried to get some of these done, cool challenges tho. leet1 Just make 1337 nc byuctf.xyz 40000 Attachment: leet1.py We are provided with a file that checks if our input is equal to 1337. However, it has two checks: re.search(r'\d', inp) eval(inp) != 1337 The first check is for any numbers included, those will immeditely fail.https://blog.zars.me/posts/heroctfv5/Mon, 15 May 2023 12:13:32 +0530https://blog.zars.me/posts/heroctfv5/Overview HeroCTF was my first solo team attempt at CTF’ing. It was a blast and huge props to the authors of the challenges. I had fun solving all the ones I did and had plenty of time to experiment with the ones I couldn’t. The CTF was hosted here: link. I’ll break down my solves below in no particular order. dev.corp 1/4 The famous company dev.corp was hack last week.. They don't understand because they have followed the security standards to avoid this kind of situation.https://blog.zars.me/posts/temperature-to-influxdb/Sat, 18 Mar 2023 12:13:32 +0530https://blog.zars.me/posts/temperature-to-influxdb/The Tech Let’s build out our little form factor advanced thermometer. The BMP280 This little sensor is fantastic for measuring a host of information and all of it can be relayed over the I2C interface to the other piece of the puzzle. The main data points are temperature (with ±1.0°C accuracy), barometric pressure (±1 hPa absolute accuracy), and altitude (±1 meter accuracy). The main ones that are pretty neat here are temperature and barometric pressure; altitude comes built into the BMP280 by default but since we aren’t going to be moving this sensor much it’s not really something that we will need to keep tabs on.https://blog.zars.me/posts/irisctf-babyseek/Wed, 01 Feb 2023 12:13:32 +0530https://blog.zars.me/posts/irisctf-babyseek/The Challenge I’ll let you seek around my file as far as you want, but you can’t go anywhere since it’s /dev/null. Author: sera seek.zip nc seek.chal.irisc.tf 10004 The Provided ZIP chal Provided binary chal.c Source which binary comes from Makefile Provided compilation flags Dockerfile Dockerfile running on the server Protections [*] '/root/workspace/vr_pres2/seek/chal' Arch: amd64-64-little RELRO: No RELRO Stack: No canary found NX: NX enabled PIE: PIE enabled Welp, if we can overflow and overwrite the GOT, seems like we’re in the home stretch.https://blog.zars.me/posts/irisctf-ret2libm/Wed, 01 Feb 2023 12:13:32 +0530https://blog.zars.me/posts/irisctf-ret2libm/The Challenge I need to make a pwn? Let’s go with that standard warmup rop thing… what was it… ret2libm? Author: sera ret2libm.zip / Dockerfile The Provided ZIP chal Provided binary chal.c Source which binary comes from libc-2.27.so Provided libc version libm-2.27.so Provided libm version Makefile Provided compilation flags What is libm? #include <math.h> libm is the standard math library for C. Where does libm live? $ ldd chal linux-vdso.so.1 (0x00007fffd53f5000) libm.