Woo, first CTF writeup. I got the opportunity to participate in the 2017 CSAW CTF finals with Don’t Hack Alone.
Dumped by my core, left to bleed out bytes on the heap, I was stripped of my dignity… The last thing I could do was to let other programs strip me of my null-bytes just so my memory could live on.
We are provided with a core dump. Examining the flavor-text and the dump, we notice that the dump has no null bytes; we conjecture that they have been stripped out.
Next, we examine the hexdump and look for any clues. There are a bunch of ASCII strings, but they look like normal debugging symbols. One thing that jumps out is that there are a couple fairly convincing regular striped patterns that become vertically aligned if you display 20 bytes in each line. Once we do that, we notice the following section. (This dump is from
xxd -c 20 thoroughlyStripped is quite sufficient.)
(Okay, this post is backdated.)
Disassembling the executable produces a huge amount of code. There are some basic obfuscations like a lot of trivial identity functions nested in each other, and a few functions that wrap around identity functions but just add some constant multiple of 16. Most of the meat is in one very large function, though. If you disassemble this function with IDA, you see a lot of variable initializations and then a lot of interesting loops that are quite similar:
And here we are.
This is the first post on this blog after I migrated off WordPress for a static solution.
At first, I wanted to set things up on Amazon Web Services (AWS), which was an adventure. There are lots of online posts about how to do this, but Amazon’s services change quickly and there was often outdated information. For instance, Amazon had a wizard that led you through setting up a static site, which I clicked on. It helpfully handled a lot of grunt work, but now I was out of sync with all of the guides. Oh well.
I think things are confusing partly because there are four AWS components all interacting to make a static site happen:
I guess I lied in my penultimate post.
I’m planning on migrating my primary blog (again), off WordPress to a static site hosted somewhere. I might just throw everything onto GitHub Pages, or might follow any of the zillions of tutorials on how to host static sites off a cheap Amazon S3 bucket — I haven’t decided yet, but no longer having to rely on the free part of freemium services is fairly liberating.
Why? Lots of small reasons.
tl;dr: I don’t use Facebook much. If you want to contact me, I would prefer nearly any other mode of communication. I am also going to stop autosharing posts from this blog onto Facebook. RSS readers are great; get yours today.
Recently I checked Facebook and it said something like “You’ve added N friends this past T units of time! Thanks for making the world more connected!” and I just couldn’t any more. Facebook friends are not friends. Dunbar’s number is around 150, maybe double that if you want to stretch it; humans cannot handle that many human relationships. Facebook’s siloed ecosystem is the opposite of connected with the rest of the Internet.
That is one of many reasons I pretty much don’t use Facebook any more. This is not new, but I’ve never formalized it. Also, I figure others might assume otherwise since I still do have an account and still accept friend requests and post sometimes. Thus, I’m writing this post.
Here are all of the reasons:
There’s some point in the decline of a blog’s activity at which you just can’t apologize with a straight face for not posting any more. Only ironically.
I brainstormed reasons why I’m not blogging. It took a while for me to find a reason that felt right, but I think it’s mostly the concern that I don’t have anything important to say, and I’m just spamming people’s inboxes or Facebook feeds. I make fun of my perfectonist tendencies, but they haven’t gone away and have been exacerbated by how public this blog feels now. There’s also a general feeling permeating life that I should be trying to present myself professionally to people, because like a diamond, the Internet is forever.
And it’s not even January any more.
(Thing negative two: Thing zero, which is at the bottom of this post, contains two puzzles by me. Skip there if that sounds interesting and text walls don’t.)
Thing negative one: I abandoned this blog (again). The last month has been a mess and much of it is political stuff of the sort that I’m the worst/slowest at writing about.
Thing one: I was on-site for a second MIT Mystery Hunt.
It seems to me like lots of people want this year to be over. Among all the other things, 2016 is also apparently the year I totally abandon this blog and put off certain planned posts by several months.
I guess this is what happens when you take five technical classes at MIT. The extracurriculars aren’t helping. And the fastest and most confident writing I do is still reactive, when there’s an externally-imposed deadline or when “somebody is wrong on the internet”. This blog isn’t.
Oh well, time to make up for it in 2017.
What happened this year? I’ll start with some serious categories:
This is two days late and it’s not even the post that was supposed to be here. That will have to wait until I’m less hosed. ESP just finished running Splash, our largest annual event in which thousands of high school students come to MIT’s campus, and MIT community members (mostly) teach whatever they want to the students. This was the first big program I participated really deeply in as an ESP admin, and it has this way of eating you alive and spitting you out full of joy and immersion in life but devoid of energy and buffer zones for finishing other things by their deadlines.
On a similar note, thanks for all the birthday wishes from everyone everywhere. I’m sorry I haven’t found the time to respond or sometimes reciprocate. This made my day, and probably last couple of weeks too.
On November 8th, 2016, Donald Trump was elected the 45th President of the United States. Along with a Republican House and Senate majority, to boot.
The world around me is still hurting and reeling from the shock.
Make no mistake, I am scared. I am scared of the policies and executive orders and legal decisions to come that may strip away many civil rights and send the environment down a worse track faster than anyone expected, and I’m barely in any of the groups that have the most to lose. I have no idea what it’s like to go through this as any of you. I am sorry.
But I am also scared that this fear is driving my friends and my community away from talking to the people we need to talk to if we want to make sure this doesn’t happen again.
I’ve heard a lot of people vilify Trump and Trump supporters. Anecdotally, so have others. It’s an understandable reaction, but a fragile one. 60 million people voted for Trump. Quoting Wait But Why, “[P]eople with kids and parents and jobs and dogs and calendars on their wall with piano lessons and doctors appointments and birthday parties written in the squares. Full, three-dimensional people who voted for what they hope will be a better future for themselves and their family.”
People voted for Trump. Why?
Here’s FiveThirtyEight profiling a few blue-collar voters. The Washington Post interviewing an author who spent a lot of time in rural Wisconsin. The New York Times on women. If the articles’ reasons for voting Trump could be summarized in one word, it would certainly be “economy”.
But then FiveThirtyEight tempers it a little bit with this reminder that Trump’s supporters are on average more well-off than others. Here’s The New Yorker visiting a bunch of Trump rallies. SupChina discusses first-generation Chinese immigrants supporting Trump and racism is a bullet point there, but apparently it’s partly rallied around rap lyrics about robbery that advise to “find a Chinese neighborhood” to steal from, so…? I am not going to go any deeper into this rabbit hole. Then here’s Mother Jones arguing against the economy being a big factor at all, and Vox saying it is about racial resentment. Here’s Bloomberg on the Clinton campaign’s failure to persuade and The Federalist on “hyper-liberal late-night comedy” and The Washington Times on Trump’s optimism. I could find hundreds more out there just by Googling, and so could you; and chances are if you’re enough of a voracious reader to be reading my humble blog, you’ve already read some of these.