diff --git a/src/content/posts/reversing-alien-gibberish-xlitoni.md b/src/content/posts/reversing-alien-gibberish-xlitoni.md index 6faad4d..94e734c 100644 --- a/src/content/posts/reversing-alien-gibberish-xlitoni.md +++ b/src/content/posts/reversing-alien-gibberish-xlitoni.md @@ -1,6 +1,6 @@ --- title: "Write-up of Alien Saboteur (Reversing) CTF HTB Apocalypse 2023" -summary: "Reversing alien gibberish" +summary: "Reversing alien gibberish: a write-up of a Reverse challenge from basic binary analysis to final keygen script and exploit" date: 2023-04-25T17:52:09-02:00 lastUpdate: 2023-04-25T17:52:09-02:00 tags: ["reverse","write-up","Supwn"] diff --git a/src/content/posts/web3py-solidity-write-up.md b/src/content/posts/web3py-solidity-write-up.md index 368df8e..8abae23 100644 --- a/src/content/posts/web3py-solidity-write-up.md +++ b/src/content/posts/web3py-solidity-write-up.md @@ -1,9 +1,9 @@ --- title: "Write-up of The Art of Deception (Blockchain) CTF HTB Apocalypse 2023" -summary: "Simple tutorial to Discord bots using `discord.py`" +summary: "Introduction to Web3 security: an explanation of the logic put behind flagging a Web3 challenge, written in web3py and solidity." date: 2023-03-28T15:08:45-02:00 lastUpdate: 2023-03-28T15:08:45-02:00 -tags: ["web3","solidity","write-up","Supwn"] +tags: ["introduction", "web3", "solidity", "write-up", "Supwn"] author: Turtyo draft: false --- @@ -35,7 +35,7 @@ And the `Get flag` tells us the challenge isn't solved yet. We also have some files that we downloaded at the start of the challenge, let's check what's inside of them: `Setup.sol` -```rust +```solidity // SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.18; @@ -57,7 +57,7 @@ contract Setup { We can for now see with the function `isSolved` that we need to verify `TARGET.lastEntrant() == "Pandora"` `FortifiedPerimeter.sol` -```rust +```solidity // SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.18; @@ -98,7 +98,7 @@ Here we see multiple interesting things. First, we understand what was this "las This `name` function is defined as an `external` function in the `Entrant` interface. In Solidity, the `external` keyword means that the function is called from outside the contract. To read more about function types, you can check the doc [here](https://docs.soliditylang.org/en/v0.8.19/types.html#function-types). Here, it is left to the person interacting with the `enter` function to implement it. In itself, this is not a vulnerability. But the vulnerability comes in the following two lines: -```rust +```solidity require(_isAuthorized(_entrant.name()), "Intruder detected"); lastEntrant = _entrant.name(); ``` @@ -108,7 +108,7 @@ The interesting thing to note here is that the `name` function is called twice, ***"What if we gave a name in the authorized list the first time the function is called and the name Pandora the second time ?"*** I started by writing a solidity file for this (`fake_entrant.sol`) -```rust +```solidity // SPDX-License-Identifier: UNLICENSED pragma solidity ^0.8.18; @@ -203,5 +203,3 @@ Also if you just started working with web3 (as I did before this CTF), the diffe I hope this WU was clear, thank you for reading through it. Turtyo for the Supwn team - -","summary":"An explanation of the logic put behind flagging this challenge, written in web3py and solidity.","createdAt":{"$date":{"$numberLong":"1680016125730"}},"updatedAt":{"$date":{"$numberLong":"1680016125730"}},"__v":{"$numberInt":"0"}} \ No newline at end of file diff --git a/src/content/posts/wu_fcsc_2022_a_l_envers.md b/src/content/posts/wu_fcsc_2022_a_l_envers.md index 25d2ffd..5bbbc85 100644 --- a/src/content/posts/wu_fcsc_2022_a_l_envers.md +++ b/src/content/posts/wu_fcsc_2022_a_l_envers.md @@ -4,7 +4,7 @@ summary: "Initiation à Pwntools" date: 2024-02-14T20:00:00+01:00 author: "Thomas Roberge" draft: false -tags: ["write-up","FCSC","programming","pwntools","FR"] +tags: ["introduction", "programming", "pwntools", "write-up", "FR"] --- > On peut retrouver ce challenge sur [Hackropole](https://hackropole.fr/fr/challenges/misc/fcsc2022-misc-a-l-envers/)