CSAW CTF 2015 - Transfer
After quickly looking through the .pcap, we find two things: a python source file, and a large b64 string (‘2Mk16Sk5iakYx…’)
CSAW CTF 2015 - Sharpturn
We’re given a .tar.xz which contains a partially corrupted git repo. Running git log
reveals 4 commits, which all primarily build out one main .c file:
CSAW CTF 2015 - Lawn Care Simulator
After browsing around the home page of the website given, we notice 2 suspect things: password MD5s are computed client side, and there is a version number at the bottom of the page. After inspecting in chrome dev tools, we see that the version number is dynamically pulled from /.git/refs/heads/master
, meaning that the site’s .git is publically accessible. However, while we can read files, directory listings are turned off. After researching the basics of how git works, we grab /.git/index
which contains the filenames and sha1 hashes of all files in the repo. Running this through a git index parser (e.g. gin), we get a list of all the files and hashes:
CSAW CTF 2015 - Precision
TL; DR
- Overflow