So once again, the awesome SCAN Associates Berhad with collaboration of MISTI Johor had organized quick/mini CTF Competition in the southern land of Malaysia. Pan Pac JB few weeks ago. While I was not able to conduct the competition on the scene directly since I`m busied with my marriage (oh yeah marriage is life way more important and rewardable if u know what i meant :p) .
So I managed to rip-off /rewrite back the Score Servers in Ruby and hardened it thanks to the power of Apache... in Malaysia CTF how do u predict a winner? Simple.. u only have three choice by either
1. UTP * - That means if geng alak/kage
2. UTM * - That means geng kuehtiow
3. MMU * - Well what do u expect? it's MMU there should be plenty of nerds and geeks.
4. UITM * - Urm, yeah, well u know .... they win sometimes right?
Final Score.
Owh my BFF hacker/trainer friends ask me to write out one of the question. Since I`m in a good mood (dah jadi husband) So let`s go to one question.... Question 7
SO what happen when someone actually connect to the port?
You will actually get something sounds gibberish
Since we know it's something gibberish. Let's analyze the traffic with Wireshsark. with and Follow the TCP Stream.
Hurm,... Since it`s not ASCII readable let`s try EBCDIC?
Hurm,... Since it`s not ASCII readable let`s try EBCDIC?
Hohoho. to answer the servers require us to write a simple client that we encode our data into EBCDIC to send and Decode back in ASCII when recv from the server.
A quick dirty unelegent but works anyway.. in python
Now Test it !!
So answer is c6bf8061e6ece9aff707ddaf666db3b50983fd32
Since I`m in a good mood , I release the source code i used for the server..
http://pastebin.com/dcuTjjtd
Owh congrats to MMU Biyatch..
So I managed to rip-off /rewrite back the Score Servers in Ruby and hardened it thanks to the power of Apache... in Malaysia CTF how do u predict a winner? Simple.. u only have three choice by either
1. UTP * - That means if geng alak/kage
2. UTM * - That means geng kuehtiow
3. MMU * - Well what do u expect? it's MMU there should be plenty of nerds and geeks.
4. UITM * - Urm, yeah, well u know .... they win sometimes right?
Final Score.
Owh my BFF hacker/trainer friends ask me to write out one of the question. Since I`m in a good mood (dah jadi husband) So let`s go to one question.... Question 7
SO what happen when someone actually connect to the port?
You will actually get something sounds gibberish
Since we know it's something gibberish. Let's analyze the traffic with Wireshsark. with and Follow the TCP Stream.
Hurm,... Since it`s not ASCII readable let`s try EBCDIC?
Hurm,... Since it`s not ASCII readable let`s try EBCDIC?
Hohoho. to answer the servers require us to write a simple client that we encode our data into EBCDIC to send and Decode back in ASCII when recv from the server.
A quick dirty unelegent but works anyway.. in python
Now Test it !!
So answer is c6bf8061e6ece9aff707ddaf666db3b50983fd32
Since I`m in a good mood , I release the source code i used for the server..
http://pastebin.com/dcuTjjtd
Owh congrats to MMU Biyatch..
No comments:
Post a Comment