Jump to content
pyth0n3

Disarm the bomb by cutting the correct wires [CHALLENGE]

Recommended Posts

Se da urmatoarea arhiva


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

begin 755 bomb.gz
M'XL("%,5[T\"`V)O;6(`Q5,Q:Q1!%'Y[=X;+P6%$HZ#-7*/AD,1`.HEBT*N4
M@%T:E]W;T2S<W8;=64PJU\(BX$%2I+W_D"[&1A#L#EL[+05M`A9VZ_MF9F4X
M4MCYX,V;[WWOO9V[^>;5H\<]S_.HLAK5">AUT6BN<6S63'Z-!'-+-&=Y;5P#
M_\5;^`7D%DCS.G?`'/M/WL/G+'_2X/@>5=/BXP';N#TY;#1/+W/F^]>R+,?M
M8^`5X,^,3^IH0/<[S#L]TJVK'];GF<BO3(MQ>Q\-5]$PX88?"^.V0F81F;<8
MX54CI@7]9^MVNQN;FT\Z8BO)12^(!S+JM#:282@>QEF0#F4D?'^%W20?V`Q,
MM$R)4-M2A#/='/E8I'+W2NGZ2I["OQ,DYEUKHG:#G;&ZH@Y*A2$[>KG9*[
MBI:C0`7_?O8;9.X7=ZGX[A5DX/`-&SNVKE[IP&I@MNZ2K:GL&S?=<K#GQ)J3
M_\W@CF<T=]'.8VG1_,R\)2:>G3/O/,/O(=UOJG!N@VM&TQ;C)/@N%%;A%J]'
M?R>=E3C3OL-#VQ,'7^/UV,'7G>_C:X+CFZ+B/;H)^3KX-J]?'(RW^LG!=R%\
M!]^W;]H\08]Z^*\/*WQ6/IW!6S.8POPY/,,RH"C.B&5(44([:3Q2I&5+6G4D
D=W<&2211A)HD5^1G*D@Y^&&657NIE>?+441_``N*M.R&!```
`
end
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iF4EAREIAAYFAk/vFbgACgkQiOFy19RY1SC0xQD7BXcnDyh3is1d8ghAMZIgxgsN
hjGpSPagtvwfGznRdsMA/04FmPk8U7FimmEFtddOt8xVRjiJskwknvye/i+AJe5d
=YStz
-----END PGP SIGNATURE-----

Se cere practic sa faceti in asa fel incat atunci cand executabilul vine rulat bomba sa nu explodeze

Un exemplu


[pyth0n3@mc]$ ./bomb
Bomb Armed ______
Disarm the bomb by cutting the correct wires
> test
***BOOM! You Failed!
[pyth0n3@mc]$

Cei care rezolva problema sunt rugati posteze dar sa nu publice metoda momentan oferind o sansa si celorlati.Cand acest challenge se va termina voi publica sursa si metodele.Codul poate fi executat doar in Linux , in procesoarele Intel 32 biti si a fost scris in assembly.Daca aveti intrebari sunteti liberi sa le faceti, (apropo data trecuta o singura persoana ma intrebat cum sa extraga executabilul din arhiva , l-am codat in ascii nu este criptat , acest lucru permite ca un executabil sa fie introdus intrun host care suporta doar text sau chiar intrun forum )

Bafta!

Later Edit :

Am tradus codul si pentru procesoarele 64 bit Intel pentru cei care prefera sa il ruleze in sisteme 64 bit.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

begin 755 bomb64.gz
M'XL("-`I[T\"`V)O;6(V-`#%E#%/VT`4QY^=)B)9TBJJ0.UR66@55:DJ=8@$
MA8#:R!*ID+JQU-CQM5A*8F2?59C8.[$P\048\Q$"E6(&O@$+;$AE86%U[\XO
MJ7TD[="A3[I[?K][_W>.]5X./K1;NJ;!V'18`1&=0E/&3>3;^B2%LP;/:T(!
M<C(W#VEK9OP&EMZ87$'D+L("7VWD;6T[XV\Q^Q:R.B,::M)%PI7S/PZ-:'3/
M149T5N'DYC*.8XZ*ND1U@<XE&B;R*'&C=J(YDE6,-T/C73$'$,[S(!I=)X=/
MA?H[5_^L<'B1@F%2<OEWR7+V*_P/J]5JZYN;'ZMDRPM)RW*[U*F6UKV>3=Z[
M@>7WJ$-,\S5?"5Q#(HR4DA3"=BBQQ:F]3SHA8V[_JV0=S_=IAY%OKD^#T@J!
M>K#?8Y;-/?,3OS-^8G2/0=VQF/7OO^EYJE>$#;"O!A@?*_F/E+B*^ARH?:;V
MUW3]DY0V;0V<AQ<*UZ;$^A3]%18]1X'HGC)?<WB^@+XXX_X3;+?/?[G_3R:F
M=S"9US37)]\I6_<ASR._4'A)[G?QD5*[C/G72GX%^;W"YY&+>4[;,TD?OO_X
MW^5,X8O("UJ6OT+^4N%OD5<4OH1\2>&K?#WF_%2YMR7Y7=Q0WO_3#+XU@X,=
M?A$K$%L7'#<`/J[@>+#KNWT&<KQ!3B?0O=VNYU"1)'*\D($9,,OGSK2#8/Q,
/Y82:M._`+P<9IAH&!@``
`
end
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iF4EAREIAAYFAk/vKh4ACgkQiOFy19RY1SBiLgD+NA4JQvMF1BtMjl9YPffVuDdq
WKvze0HIdlG4dnBeec8A/iODzvPUrdHElMvVuzfBnG5B3/tbzAt52aKakmP3NoVV
=0F1P
-----END PGP SIGNATURE-----

Tin sa precizez, pentru a rezolva problema programul ar trebui sa stampeze urmatorul cod


Bomb Disarmed __/ __

Vreau doar sa mai adaug faptul ca nu exista doar o singura metoda ci mai multe , asta depinde doar de imaginatia pe care o aveti.Oricum rezolvand aceasta problema va veti da seama ca multe chestii merg pe acest principiu.

Edited by pyth0n3
Link to comment
Share on other sites

în func?ia wi*** se compar? $0x3*** cu ce am introdus noi , ?i de aici continuarea ( dac? zic bine ) , cam pân? pe aici am ajuns. m? mai chinui s? aflu valoarea lui $0x**** , având în vedere c? nu prea am f?cut lucruri de genul :)).

// am cenzurat cu ** s? nu dau prea multe indicii..

// e bine pân? aici? :)))

Link to comment
Share on other sites

Mini HowTo

32bit bomb

Import the key


wget -q -O - http://sprunge.us/dgLH | gpg --import

Download && verify signature


wget http://sprunge.us/EXDh -O bomb32.asc && gpg --verify bomb32.asc

Decode


uudecode bomb32.asc && gunzip bomb.gz

64 bit bomb

Import key


wget -q -O - http://sprunge.us/dgLH | gpg --import

Download && verify signature


wget http://sprunge.us/eedG -O bomb64.asc && gpg --verify bomb64.asc

Decode


uudecode bomb64.asc && gunzip bomb64.gz

Hint: Exista probabilitatea ca rezolvarea problemei in executabilul 64bit sa fie diversa de rezolvarea problemei aceluiasi executabil in 32 bit.

Link to comment
Share on other sites

Mini HowTo

32bit bomb

Import the key


wget -q -O - http://sprunge.us/dgLH | gpg --import

Download && verify signature


wget http://sprunge.us/EXDh -O bomb32.asc && gpg --verify bomb32.asc

Decode


uudecode bomb32.asc && gunzip bomb.gz

64 bit bomb

Import key


wget -q -O - http://sprunge.us/dgLH | gpg --import

Download && verify signature


wget http://sprunge.us/eedG -O bomb64.asc && gpg --verify bomb64.asc

Decode


uudecode bomb64.asc && gunzip bomb64.gz

Hint: Exista probabilitatea ca rezolvarea problemei in executabilul 64bit sa fie diversa de rezolvarea problemei aceluiasi executabil in 32 bit.

E vreo problema daca nu am mai importat cheia, ci am trecut fisierul direct prin uudecode?

Link to comment
Share on other sites

@Flubber OK, doar ca mia luat ceva ca sa descifrez link-ul de download corect

Puteti lua de aici executabilul

wget http://sprunge.us/OSEH -O bomb.disarmed && uudecode bomb.disarmed && gunzip  bomb.disarmed.gz 

@bcman Not Required , e doar pentru a verifica semnatura

Astept alte rezolvari, avand in vedere faptul ca avem deja o sursa rezolvata.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...