Pages

Monday, October 1, 2012

CSAW CTF Quals 2012 Trivia Writeup

As mentioned in the previous post, the CSAW CTF also had a Trivia section of challenges, with each solution worth 100 points. Each of these could be found with a little Google-fu and some work if needed. Here are the solutions to the Trivia challenges:

Trivia 1 - What is the first step in owning a target?

The answer to this one should be obvious to pentesters, as RECON is the first step in owning a target (you need information to work with). Also, one could possibly see the 'Recon' challenges listed under the Trivia section and assume that, which would work also.

Key: recon

Trivia 2 - What is the name of Google's dynamic malware analysis tool for Android applications?

I knew the answer to this one already since I had previously seen slides of a talk given by Charlie Miller and Jon Oberheide on exploiting the tool named Bouncer.

Key: Bouncer

Trivia 3 - What is the x86 opcode for and al, 0x24? Put your answer in the form 0xFFFF.

Since I don't have my x86 opcodes memorized, it was time to find a resource. This one served my purpose well. We can see that the and instruction called with al and an imm. value (constant) is 0x24. Therefore, the key to this is 0x2424, as the constant is listed after the first byte in the opcode.

Key: 0x2424

Trivia 4 - Who was the first security researcher to publish the DEP bypass that utilized WriteProcessMemory()?

A bit of Googling led me to this paper, written by Spencer Pratt, which is the answer.

Key: Spencer Pratt

Trivia 5 - What is the name of Microsoft's distributed fuzzing system that utilizes automated debugging, taint analysis, model building, and constaint solving? 

This one was the most difficult for me to find, partly because I kept getting hung up trying keys related to 'BlueHat'. It made sense to me, a community driven (distributed) system revolving around those topics. However, this wasn't the answer. After some more research, I found this article, which turned out to be the answer.

Key: SAGE

As mentioned, these challenges were all easily obtainable with a little research. I think these were meant to give new CTF-goers (like me!) the chance to quickly gain points and build confidence, which is a great idea.

More write-ups will be added soon!

-Jordan

No comments:

Post a Comment