Using z3 to find a password and reverse obfuscated JavaScript - Fsec2017 CTF
Recently I attended FSec 2017 in Croatia, and there was a cool CTF challenge I solved during the conference that I wanted to share.
script: gist.github.com/LiveOverflow/...
#CTF
Comments: 76
This is by far my favourite hacking related KZread channel, the story + CTF format works great as far as I'm concerned.
I think if you keep the story + film in the first part and the challenge in the second part (or vice versa), a lot of people would like it.
@indexoverflow
6 years ago
Agreed. The storytelling was interesting, but it made the flow of the video a bit unnatural. Try it the way suggested above.
@ltstaffel5323
6 years ago
+1
@lpnando
6 years ago
I also agree
Very impressive man. Really enjoyed your video and was satisfied with the story telling.
I liked the story telling and thought it added to the video and made it more interesting and entertaining to watch.
Very dope video walking through the various skillsets required to solve such a problem, as well as the need to understand the scope of a problem. De-obfuscation is really the secret sauce, once you understand the recipe manipulating it is just a matter of how lazily/efficiently you can execute.
I thought the video was a nice intro to why and where you made this. I like your humility. I also like the pacing of the video. Sure I wish you would slow down, but I can watch it again. You get to the solution quickly showing how each step fits together. I will rewatch closer.
I really like your videos! Great for learning how to deconstruct ctf challenges :)
As you asked if storytelling + reversing is good, I don't think so, because it breaks the thought process when you try to follow what's going on, especially for the less experienced like me, I think.
@LiveOverflow
6 years ago
thanks! valuable feedback :)
@FreeER
6 years ago
same opinion here. Even though you'd just mentioned it the jump from the anti debugger to the story made me stop the video and say "wait, what?". I don't mind a story _and_ a debugging session/explanation in the same video but interleaving the two when the story isn't some part of the explanation (eg. a friend of mine pointed out...it reminded me of...) apparently breaks my mind :D
@ryangurak5239
6 years ago
I agree. But, I like to hear both types of things, perhaps intertwined more thoroughly so it doesn't seem so jarring.
Love your videos. I'm learning a lot from them.
Look at that Cake!!! Nice vid as always !!
Appreciate the honesty on how long it takes to solve ctfs
great meeting you dude! too bad we didn't get a chance to talk over a beer.
I'm going through your CTF playlist and I find my country! Yaay!
I love it when you drop F bombs. Great videos. I'm sad that KZread algorithms took so long to suggest your videos to me.
Hey, do you know something about a IATool to reverse bins? IA used to auto reverse? Or IA used as a hacker tool in anyway?
Very interesting, your videos about hacking; thank you for sharing your knowledge and for your humility in being who you are!
It sucked That the video ended 😭
why can't I register for this CTF? is it closed? when I press enter in the register form, the page refreshes and nothing happens
i need to rewatch these, since the first time i saw it i didn't know shit about this stuff
I thought it was a good mix between talking about the conference and playing the CTF.
Wow great video
Nice video, have you got a link or a backup of the challenge files? The link in the video doesn’t work anymore
Hi. Where may I find the PDF presentation (3:47)?
I'm asking for a favor pls make a playlist of all web app security videos from your channel. I'm a newbie to web app sec it would be really helpful for all of us. Thanks.
Hey, do you have a link for the CTF or is it down ?
Are you going to be at defcamp CTF?
Hahaha flag hoarding! Well when you're the main person who makes CTF videos, I guess people expect you to be a god!
More fun @liverOverFlow
I wish I could do this, but where to start?
you WERE IN CROATIA, WHY THE FUK DIDN'T I VISIT THAT CONFERENCE :(
how to download any html files?
Hi, how are you mate!! Thanks for these awesome videos. Could you share what kind of resources and books you studied to learn all of this, please? I'm just starting with hacking, HTB and CTF.
@nukexplosion6679
3 years ago
You can read "Hacking: The art of exploitation" and "Attacking network protocols". Also you can see LiveOverflow's binary hacking and web hacking playlist. I recommend you start with "Hacking: The art of exploitation" and the binary playlist first, then go for web and network protocol stuff. Also be sure to check out this invaluable reddit post: www.reddit.com/r/hacking/comments/a3oicn/how_to_start_hacking_the_ultimate_two_path_guide/
@nukexplosion6679
3 years ago
Also check out his "The secret step by step way to start hacking" video
I live in Croatia (Zagreb)!
What is this video about for?
9:53 well at least you can solve them... unlike me
I recently wrote a deobfuscator for this kind of while/switch obfuscation: gist.github.com/skyrising/00a3500e24ddeab167c5692445e6dd11
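The while/switch pattern that comment refers to is usually called control-flow flattening: the real statement order is hidden in a dispatcher string, and the statements themselves are shuffled into the cases of a switch inside an endless loop. Below is an added example of undoing that, which is neither the video's script nor the gist linked above. The obfuscated input is constructed for the example, and the regex-based parser assumes exactly that layout (a `"a|b|c".split("|")` dispatcher, one statement per case ending in `continue;`, a `break;` after the switch); real obfuscator output varies enough that an AST-based pass would replace the regexes.

```javascript
// Added example, not code from the video or from the gist linked in the
// comment: a minimal deobfuscator for the while/switch ("control-flow
// flattening") pattern. The parser assumes the specific layout of the
// constructed sample below; real obfuscator output varies and would need
// a proper AST-based pass (with a JS parser) instead of regexes.

// Constructed sample: the real statement order is hidden in a dispatcher
// string, and the statements are shuffled into switch cases.
const OBFUSCATED = `
var _0x1 = "2|0|3|1".split("|"), _0x2 = 0;
while (true) {
  switch (_0x1[_0x2++]) {
    case "0": total = total * 3; continue;
    case "1": return total;
    case "2": var total = seed + 1; continue;
    case "3": total = total - 2; continue;
  }
  break;
}
`;

// Recover the execution order from the "a|b|c".split("|") dispatcher.
function extractOrder(src) {
  const m = src.match(/"([0-9|]+)"\.split\("\|"\)/);
  if (!m) throw new Error("no dispatcher order string found");
  return m[1].split("|");
}

// Map each case label to its statement, dropping the trailing `continue;`
// that only exists to jump back to the dispatcher.
function extractCases(src) {
  const cases = {};
  const re = /case "(\d+)":\s*([\s\S]*?)(?=\s*case "\d+":|\s*\}\s*break;)/g;
  let m;
  while ((m = re.exec(src)) !== null) {
    cases[m[1]] = m[2].replace(/\s*continue;\s*$/, "").trim();
  }
  return cases;
}

// Emit the statements in dispatcher order: the flattening is undone by
// walking the order array and concatenating the case bodies.
function deobfuscate(src) {
  const order = extractOrder(src);
  const cases = extractCases(src);
  return order
    .map((label) => {
      if (!(label in cases)) {
        throw new Error(`dispatcher refers to missing case "${label}"`);
      }
      return cases[label];
    })
    .join("\n");
}

// Execute a function body that takes one parameter `seed`. Used here only
// to show that the constructed sample and its deobfuscated form agree;
// an untrusted real-world sample would be analysed, not executed.
function runBody(body, seed) {
  return new Function("seed", body)(seed);
}

const CLEAN = deobfuscate(OBFUSCATED);
console.log(CLEAN);
// Both forms compute ((seed + 1) * 3) - 2, so seed 5 gives 16.
console.log(runBody(OBFUSCATED, 5), runBody(CLEAN, 5));
```

Running it under Node prints the four statements in their real order (`var total = seed + 1;` first, `return total;` last) and `16 16`. The interesting part for analysis is that the dispatcher string alone fixes the order, so once it is located the rest of the "obfuscation" is just a lookup.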
Very good video, where can I get z3?
nice vid as always, btw `def is_valid(c): return c in "APSYD0GNIL1_"`
@LiveOverflow
6 years ago
+Creuilcreuil _ no. That won’t work. It has to be a z3 expression
No storytelling... "real life good graphics bad gameplay"
Hahaha CTF decoding machine :)
why does he have a juche (korean communist) sticker on his laptop at 1:31?
@zacpier
6 years ago
His laptop's hostname is "redstar-os" I wouldn't think much of it
Interesting. I modified your code and used BitVec only (I removed BV2Int), and the code produces unsat. However, BitVecRef has __mul__ and __div__, so I thought there was no need to convert to Int (by using BV2Int) at lines 61 and 62. Then I figured out that in line 61 the divide operation in BitVec is unnatural, so we have to use BV2Int. (pictures included) imgur.com/LUKQFnL TIL: __mul__ in z3 is great, __div__ is not.
@LiveOverflow
6 years ago
I spent most of my time fighting with z3. I also tried it with BitVecs first. I think I ran into the same issue and got frustrated.
@ko-Daegu
2 years ago
Where can I learn more about z3
This firefox extension works very well to deobfuscate javascript. (Only works on old firefox versions) addons.mozilla.org/en-US/firefox/addon/javascript-deobfuscator/
why do you even censor your face if you spoke in public and people could see you? I don't get it lol
Buy the ST license...
THIS THE SHIT I DO LIKE HYAHHHHHHHHHHHHH
Wow 😵 how? :D
I didn't know you were black
@4pxris3
5 years ago
what? he's German, how would he be black
@Whynot83848
5 years ago
@@4pxris3 because he blackened his face
@francismori7
5 years ago
@@4pxris3 also lol, why can't a german-born person be black? :/
How to find the password for a 7z file?? Plz reply
@ahmedselimuzum3049
5 years ago
You can brute force it with John the Ripper
@pavansai6078
5 years ago
@@ahmedselimuzum3049 where to get John the Ripper?
@ahmedselimuzum3049
5 years ago
@@pavansai6078 github.com/magnumripper/JohnTheRipper the official repo of John The Ripper
@pavansai6078
5 years ago
@@ahmedselimuzum3049 bro how to use any video plz
@ahmedselimuzum3049
5 years ago
@@pavansai6078 kzread.info/dash/bejne/ioGIzamHg9zJl5M.html a tutorial for john the ripper 7z cracking
Somebody added a portuguese translation to your video and the title simply sucked ass, I had to switch to english to understand what was happening...
I don't really like this style of mixing the write-up and the story-telling parts. It ruins both. Having both exist separately (either in the same video or as 2 separate videos) would be better.
lol 8:00 python really has evolved a lot. these 10 lines are now just `x in "APSYD0GNIL1_"` xdd