PHDays CTF Quals 2014 Write-up: "miXer"

The description of the task is that the program has been stuck “in a blender.”  Upon opening the program in IDA Pro, it is clear the bytes have been modified, since there are nonsensical instructions and a large block of undecipherable bytes. It is...

PHDays CTF Quals 2014 Write-up Collection

If you know of a link we have missed, please let us know in the comments and we will add it shortly. Thanks!

Metal Gear Felix: http://tasteless.se/2014/01/phd-ctf-quals-2014-rbox-and-metal-gear-felix-writeup/

mp3 me...

Security for Lawfirms: Protecting Your Clients' Secrets

Data security is paramount for any business, especially those entrusted with the intellectual property of others.  Today’s cyber threats are only growing more sophisticated, and keeping your business secure is correspondingly ever more complex. ...

Ghost in the Shellcode 2014 Write-up Collection

We had a great time solving a few problems from the Ghost in the Shellcode CTF this past weekend and wanted to have an easy place with links to write-ups from all around the Internet, so we created it here.  If you know of a link we have missed, please let...

Ghost in the Shellcode 2014 Write-up, Crypto 75: "dogecrypt"

We are given the hint “Solveable in <5m. Much attack very wamerican-small.” The file begins with “VimCrypt~01!” and research on vim’s encryption method reveals that this means the file has been encrypted with the Unix crypt function....

Ghost in the Shellcode 2014 Write-up, Trivia 150: "inview"

Viewing the file with whitespace visible in vim shows that there are strange combinations of tabs and spaces at the end of each line. Assuming there’s more to whitespace than meets the eye, we search for all non-whitespace characters: …and remove them. We...

Programmatic String Deobfuscation in .NET Malware

Those who have “reversed” .NET libraries would probably argue that you’re not really reversing a binary if it contains full type information. Commercial software developers and malware authors would make a similar claim and are therefore compelled to...

VERIZON… What did you change?

For two years now, Digital Operatives has hosted some systems on Verizon FiOS. Largely it has been trouble-free. That is, until about a week ago. About a week ago, two employees (eventually three) described an issue they were having connecting to our mail server and...