Apr 3, 2014

IDAPython is an IDA plugin which allows Python scripts to access IDA’s API, IDC, and all the modules already in Python. Most importantly, IDAPython allows us to manipulate IDA’s disassembly programmatically without leaving the familiarity of Python.

Feb 11, 2014

Brooklynt Overflow recently participated in Olympic CTF finishing in 29th place. This is a write up of the aski challenge.

Feb 11, 2014

For 400 points, Olympic CTF provided the Make Similar challenge. The description was “Listen carefully and try to figure out. Hint: 120 LPM.”

Feb 10, 2014

Brooklynt Overflow Recently Competed in HackIM CTF. This is a writeup of the vuln4 service. The author was kind enough to provide source to this challenge which is nice but ultimately not necessary or terribly helpful.

Feb 10, 2014

Brooklynt Overflow Recently Competed in HackIM CTF. This is a writeup of the vuln3 service. Vuln3 is a service exposed to the Internet via xinetd or something similar. It accepts input from you writes it to the stack, parses it and performs actions based on it. It does this until you disconnect. The important parts of user input are dwords at offset 0x28 and 0x50. The dword at offset 0x28 tell the service what operation to perform. The dword at offset 0x50 is used only when you ask the service to allocate some memory for you, it is then used as the argument to malloc.

Feb 10, 2014

Exploitation 200 HackIM

Feb 10, 2014

This challenge was relatively straightforward, especially given the fact that we have access to the source.

Dec 2, 2013

A few weeks ago the CSAW CTF Finals were held at NYU-Poly with 15 finalist teams competing.