logo

Menu

  • R00T
  • WH0AM1

Suis-moi !

  • Twitter
  • Github

Forensic dissection of Rumiyah magazine for profiling ISIS propaganda team

Hi, It has been a while since my last article, sorry about that. Today’s article is a bit unusual: it’s still a write up, but this time it’s about a real world problem. I’m going to discuss some work that I have done during the last year on ISIS propaganda, and especially on Rumiyah magazine....

Almost XOR – Crypto – CSAW17

For this challenge of crypto, we got a ciphered message and a python script. We knew from precedent challenge that flag are always of the form flag{XXXX}, so we make the assumption that it was the same here, so we got the first 5 chars of the ciphered so we got first part of the...

Littlequery – Web – CSAW17

Littlequery is a web challenge with a login page : The behaviour is interesting, when we tried to login, the html password input is replaced by the sha1 of the input with this javascript code : $(".form-signin").submit(function () { var $password = $(this).find("input[type=password]"); $password.val(CryptoJS.SHA1($password.val()).toString()); }); So there is a chance that when someone login the...

Best Router – Forensic – CSAW17

For this challenge we have an archive containing a large img file which is a dump of an sd card from a Rasperry Pi. so after extracting it and mounting it we are able to navigate through the files. Nothing in home directory, /etc folder told us that’s there is an apache server on this...

Another Xor – Crypto – CSAW17

Here is a crypto challenge, we got a ciphered message and the script used, source are available on my github. From the script we can clearly see that : message = flag+key+md5(message) ciphered = xor(message, key) The interesting point is that the key have been xored with itself with an offset, but i will help...

Orange v1 – Web – CSAW17

This is one of the web challenge of CSAW17 event. I wrote a little proxy program in NodeJS for my poems folder. Everyone wants to read flag.txt but I like it too much to share. http://web.chal.csaw.io:7311/?path=orange.txt Looks like we have to find a LFI (Local File Inlcusion), we were able to get the index of...

CVV – Misc – CSAW17

In this challenge we were asked to give card number, there are different steps, firstly we are asked card number for Visa, Master Card, Discovery, American Express they must be sent only once. The next step is to give cards numbers which start with 4 given digits, next card number finish with one given number...

Missed Registration – Forensic – CSAW17

For this challenge we got a pcap containing lot of post request, we opened it with wireshark an apply this filter : http.request.method == “POST” Next we extracted all data from POST requests. ...

Serial – Misc – CSAW17

Hi everyone, This weekend took place CSAW17 which is one of the largest student-run cyber-security event in the world, featuring an international online CTF. Our team passed the whole week-end trying to capture the flag. Here is the first write up of some of the challenges we flagged. So the first challenge we solved was...

Configurer Git avec Tor

Nous allons voir aujourd’hui comment utiliser l’utilitaire git via Tor. Lorsque Tor fonctionne, il crée un proxy local 127.0.0.1:9050 qui accepte des connexions de type SOCKS5. Il est possible de configurer un proxy sur l’outil git cependant il s’agit forcément d’un proxy de type HTTP/HTTPS. Afin de faire la passerelle entre les deux nous allons...
Next Page »
Copyright © 2017. BadTigrou