This commit is contained in:
parent
198f3727e2
commit
aeef05a47f
2 changed files with 102 additions and 1 deletions
|
@ -135,7 +135,7 @@ rightInv (loop i) =
|
||||||
-- Σ2→S¹ (merid false) = loop
|
-- Σ2→S¹ (merid false) = loop
|
||||||
-- Σ2→S¹ (sym (merid true)) = refl_base
|
-- Σ2→S¹ (sym (merid true)) = refl_base
|
||||||
cong (λ p → p i) (
|
cong (λ p → p i) (
|
||||||
cong Σ2→S¹ (merid false ∙ sym (merid true)) ≡⟨ congFunct {x = merid false _} Σ2→S¹ refl refl ⟩
|
cong Σ2→S¹ (merid false ∙ sym (merid true)) ≡⟨ congFunct {x = merid false {! !}} Σ2→S¹ refl refl ⟩
|
||||||
loop ∙ refl ≡⟨ sym (rUnit loop) ⟩
|
loop ∙ refl ≡⟨ sym (rUnit loop) ⟩
|
||||||
loop ∎
|
loop ∎
|
||||||
)
|
)
|
||||||
|
|
101
src/content/posts/2024-09-18-ctf-faq.md
Normal file
101
src/content/posts/2024-09-18-ctf-faq.md
Normal file
|
@ -0,0 +1,101 @@
|
||||||
|
---
|
||||||
|
title: CTF FAQ
|
||||||
|
date: 2024-09-18T00:49:55-05:00
|
||||||
|
tags: [ctf]
|
||||||
|
draft: true
|
||||||
|
---
|
||||||
|
|
||||||
|
There's a lot of foundational stuff that is sometimes not obvious to people who are just starting out in CTF.
|
||||||
|
|
||||||
|
### What does nc \<ip\> mean?
|
||||||
|
|
||||||
|
For example,
|
||||||
|
|
||||||
|
```
|
||||||
|
nc chal.examplectf.com 12345
|
||||||
|
```
|
||||||
|
|
||||||
|
This is a quick way of saying that a server is running at a specific IP on a specific port.
|
||||||
|
`nc` stands for netcat, which is a tool that lets you talk to a server through your command line.
|
||||||
|
|
||||||
|
> [!admonition: NOTE]
|
||||||
|
> This also means that the flag is hidden on the server, and will **not** appear in any of the files that have been distributed to you.
|
||||||
|
|
||||||
|
In reality, you'd probably only use `nc` to play around with it initially.
|
||||||
|
You'd probably want to move to using a script soon, because you are usually given a copy of the program to play around with locally.
|
||||||
|
|
||||||
|
With vanilla Python, you can open a [socket] and replicate the `nc` behavior with:
|
||||||
|
|
||||||
|
[socket]: https://docs.python.org/3/library/socket.html
|
||||||
|
|
||||||
|
```py
|
||||||
|
import socket
|
||||||
|
s = socket()
|
||||||
|
s.connect(("chal.examplectf.com", 12345))
|
||||||
|
```
|
||||||
|
|
||||||
|
Alternatively, use [pwntools]:
|
||||||
|
|
||||||
|
```py
|
||||||
|
from pwn import *
|
||||||
|
r = remote("chal.examplectf.com", 12345)
|
||||||
|
```
|
||||||
|
|
||||||
|
### Why do I get a binary and a C file?
|
||||||
|
|
||||||
|
The binary is often provided because the specific addresses are meaningful to construct an attack.
|
||||||
|
Sometimes a libc is also provided to help craft attacks that need specific libc addresses.
|
||||||
|
|
||||||
|
Using something like [pwntools] makes it easy to do exploration and perform automated searches for addresses through a binary locally very quickly, and then swap out the target to the server once you've found a method to crack the binary.
|
||||||
|
|
||||||
|
[pwntools]: https://pwntools.com
|
||||||
|
|
||||||
|
### I get some text file with values like N, e, c. What does this mean?
|
||||||
|
|
||||||
|
These are usually some values for working with a cryptosystem called [RSA].
|
||||||
|
|
||||||
|
[RSA]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
|
||||||
|
|
||||||
|
* $N$ is the modulus. It's part of the public key. It's calculated with $N = p \times q$, but usually $p$ and $q$ are left as private
|
||||||
|
* $e$ is the public exponent. It's also part of the public key
|
||||||
|
* $c$ is the ciphertext.
|
||||||
|
* $m$ (if included) is the message, but this is usually the thing you're looking for
|
||||||
|
|
||||||
|
Lots of CTFs will do modified versions of RSA as a puzzle.
|
||||||
|
|
||||||
|
> [!admonition: NOTE]
|
||||||
|
> If the $N$ is just given to you directly instead of in a script, just go ahead and chuck the $N$ into [factordb] to see if it's already been factored!
|
||||||
|
|
||||||
|
[factordb]: https://factordb.com/
|
||||||
|
|
||||||
|
### I need to quickly convert some data
|
||||||
|
|
||||||
|
[CyberChef] is my tool of choice when it comes to this stuff.
|
||||||
|
|
||||||
|
[cyberchef]: https://gchq.github.io/CyberChef/
|
||||||
|
|
||||||
|
### I have a file but I don't know what it is
|
||||||
|
|
||||||
|
Plug the file through the [file] command!
|
||||||
|
It'll tell you what kind of file it is, by looking at the first few numbers. For example:
|
||||||
|
|
||||||
|
[file]: https://en.wikipedia.org/wiki/File_(command)
|
||||||
|
|
||||||
|
```
|
||||||
|
$ file binary
|
||||||
|
binary: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=62bc37ea6fa41f79dc756cc63ece93d8c5499e89, for GNU/Linux 3.2.0, not stripped
|
||||||
|
```
|
||||||
|
|
||||||
|
This means it's an executable program.
|
||||||
|
|
||||||
|
Another useful tool is [binwalk], which tells you if there's other files packed in there.
|
||||||
|
This is sometimes useful for some forensics challenges.
|
||||||
|
|
||||||
|
[binwalk]: https://github.com/ReFirmLabs/binwalk
|
||||||
|
|
||||||
|
### I'm on Windows. What do?
|
||||||
|
|
||||||
|
Install [WSL] or [dual boot].
|
||||||
|
|
||||||
|
[WSL]: https://learn.microsoft.com/en-us/windows/wsl/about
|
||||||
|
[dual boot]: https://wiki.archlinux.org/title/Dual_boot_with_Windows
|
Loading…
Reference in a new issue