faq page wip
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful

This commit is contained in:
Michael Zhang 2024-09-18 01:14:15 -05:00
parent 198f3727e2
commit aeef05a47f
2 changed files with 102 additions and 1 deletions

View file

@ -135,7 +135,7 @@ rightInv (loop i) =
-- Σ2→S¹ (merid false) = loop -- Σ2→S¹ (merid false) = loop
-- Σ2→S¹ (sym (merid true)) = refl_base -- Σ2→S¹ (sym (merid true)) = refl_base
cong (λ p → p i) ( cong (λ p → p i) (
cong Σ2→S¹ (merid false ∙ sym (merid true)) ≡⟨ congFunct {x = merid false _} Σ2→S¹ refl refl ⟩ cong Σ2→S¹ (merid false ∙ sym (merid true)) ≡⟨ congFunct {x = merid false {! !}} Σ2→S¹ refl refl ⟩
loop ∙ refl ≡⟨ sym (rUnit loop) ⟩ loop ∙ refl ≡⟨ sym (rUnit loop) ⟩
loop ∎ loop ∎
) )

View file

@ -0,0 +1,101 @@
---
title: CTF FAQ
date: 2024-09-18T00:49:55-05:00
tags: [ctf]
draft: true
---
There's a lot of foundational stuff that is sometimes not obvious to people who are just starting out in CTF.
### What does nc \<ip\> mean?
For example,
```
nc chal.examplectf.com 12345
```
This is a quick way of saying that a server is running at a specific IP on a specific port.
`nc` stands for netcat, which is a tool that lets you talk to a server through your command line.
> [!admonition: NOTE]
> This also means that the flag is hidden on the server, and will **not** appear in any of the files that have been distributed to you.
In reality, you'd probably only use `nc` to play around with it initially.
You'd probably want to move to using a script soon, because you are usually given a copy of the program to play around with locally.
With vanilla Python, you can open a [socket] and replicate the `nc` behavior with:
[socket]: https://docs.python.org/3/library/socket.html
```py
import socket
s = socket()
s.connect(("chal.examplectf.com", 12345))
```
Alternatively, use [pwntools]:
```py
from pwn import *
r = remote("chal.examplectf.com", 12345)
```
### Why do I get a binary and a C file?
The binary is often provided because the specific addresses are meaningful to construct an attack.
Sometimes a libc is also provided to help craft attacks that need specific libc addresses.
Using something like [pwntools] makes it easy to do exploration and perform automated searches for addresses through a binary locally very quickly, and then swap out the target to the server once you've found a method to crack the binary.
[pwntools]: https://pwntools.com
### I get some text file with values like N, e, c. What does this mean?
These are usually some values for working with a cryptosystem called [RSA].
[RSA]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
* $N$ is the modulus. It's part of the public key. It's calculated with $N = p \times q$, but usually $p$ and $q$ are left as private
* $e$ is the public exponent. It's also part of the public key
* $c$ is the ciphertext.
* $m$ (if included) is the message, but this is usually the thing you're looking for
Lots of CTFs will do modified versions of RSA as a puzzle.
> [!admonition: NOTE]
> If the $N$ is just given to you directly instead of in a script, just go ahead and chuck the $N$ into [factordb] to see if it's already been factored!
[factordb]: https://factordb.com/
### I need to quickly convert some data
[CyberChef] is my tool of choice when it comes to this stuff.
[cyberchef]: https://gchq.github.io/CyberChef/
### I have a file but I don't know what it is
Plug the file through the [file] command!
It'll tell you what kind of file it is, by looking at the first few numbers. For example:
[file]: https://en.wikipedia.org/wiki/File_(command)
```
$ file binary
binary: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=62bc37ea6fa41f79dc756cc63ece93d8c5499e89, for GNU/Linux 3.2.0, not stripped
```
This means it's an executable program.
Another useful tool is [binwalk], which tells you if there's other files packed in there.
This is sometimes useful for some forensics challenges.
[binwalk]: https://github.com/ReFirmLabs/binwalk
### I'm on Windows. What do?
Install [WSL] or [dual boot].
[WSL]: https://learn.microsoft.com/en-us/windows/wsl/about
[dual boot]: https://wiki.archlinux.org/title/Dual_boot_with_Windows