Author Archives: littlefater

HELP: Flare-On 6 Challenge 12

Posted on November 23, 2019 by littlefater

Flare-On is Fireeye’s annual CTF which mainly focused on reverse engineering and this year (2019) is the 6th. I got a chance to finish all the challenges and the last challenge (challenge 12) is quite interesting and educational so I … Continue reading

Posted in CTF, WinDbg | Tagged , , , | 2 Comments

Bypass WAF with MySQL REGEXP

Posted on August 14, 2017 by littlefater

In this post I want to share a trick that helps me to bypass a WAF (Web Application Firewall) when solving a challenge in a CTF-like penetration testing laboratory called PENTESTIT TEST LAB 11. After registering on https://lab.pentestit.ru/ you will be … Continue reading

Posted in CTF | Tagged , , , | Comments Off on Bypass WAF with MySQL REGEXP

RCTF Crypto 100 Decode The File

Posted on November 17, 2015 by littlefater

File: cip_d0283b2c5b4b87423e350f8640a0001e MD5: d0283b2c5b4b87423e350f8640a0001e SHA256: 1b13fdec1c3a0da404ad53d4f9130f84ba5f3d7708650f52fb328bb7abf65ba8 If you open the file with a text editor, you can see the following content: Obviously, the data here is encoded by Base64 algorithm, let’s decode it: The above picture shows the decoded content, by searching the … Continue reading

Posted in CTF | Tagged , , | Comments Off on RCTF Crypto 100 Decode The File

RCTF Reverse 300 Creack Me

Posted on November 17, 2015 by littlefater

Name: crackMe_aafb0addeb58dece1fcf631a183c2b20 MD5: AAFB0ADDEB58DECE1FCF631A183C2B20 SHA256: 3091F5DF9D1D4E470B36DD8AFBBFEB7F03A5398B3F8846B892425F4BCD890E20 The file of this challenge is a Windows Portable Executable packed with UPX and it can be unpacked with the UPX utility: The unpacked file introduced some simple anti mechanisms, the first one is located … Continue reading

Posted in CTF | Tagged , , | Comments Off on RCTF Reverse 300 Creack Me

FLARE On Challenge (2015) #11

Posted on September 10, 2015 by littlefater

This is the final challenge and it is said to be more difficult than the previous challenges. The file of this challenge named CryptoGraph, which is a 32 bit Windows Portable Executable file. Let’s analyze it in IDA at first. … Continue reading

Posted in CTF | Tagged , , , | Comments Off on FLARE On Challenge (2015) #11