2020-04-11

simple is a binary that waits for a string on stdin and returns whether the input was the valid key or not. It does that in a very interesting way: there are only 112 bytes of executable x86 code in this 45K binary. After a bit of static analysis in IDA we found out that these 112 bytes implement a common One Instruction Set Computer virtual...

Can you go with the flow? no_mo_flo is a reverse engineering challenge from this year’s PlaidCTF. It’s a 64-bit executable that reads 32 characters from stdin, and tells you if this is the correct flag or not (classic). Opening it in IDA reveals that it takes the input and breaks it into two 16 bytes buffers: for ( i = 0; i...

For the seventh year, we are going to give a 3 day conference to show the work we are doing here at the LSE, about various themes we like, have encountered or overall judge interesting. The exact planning and subjects addressed will be announced later, as well as the exact timetable. As we did last year, we are also opening the talks to external...

One cool way to get your hands dirty when discovering something is to try to make it do simple stuff in some stupid/overkill way. When I first had “fun” with the Linux ELF format, I was told to call printf without using it directly, by finding which address to call from inside the binary. For this, one would start from the mapped program header,...

Prologue Three Devices for logic analysis of passively captured traces, Seven for inter-chip communication driven by hardwired interfaces, Nine for in-circuit debugging limited to specific purpose, One for complex hardware hacking scenarios. Three tinkerers took those words as they are. Overthrown by the complexity implied by the multiplicity of...