This commit is contained in:
parent
198f3727e2
commit
aeef05a47f
2 changed files with 102 additions and 1 deletions
|
|
@ -135,7 +135,7 @@ rightInv (loop i) =
|
|||
-- Σ2→S¹ (merid false) = loop
|
||||
-- Σ2→S¹ (sym (merid true)) = refl_base
|
||||
cong (λ p → p i) (
|
||||
cong Σ2→S¹ (merid false ∙ sym (merid true)) ≡⟨ congFunct {x = merid false _} Σ2→S¹ refl refl ⟩
|
||||
cong Σ2→S¹ (merid false ∙ sym (merid true)) ≡⟨ congFunct {x = merid false {! !}} Σ2→S¹ refl refl ⟩
|
||||
loop ∙ refl ≡⟨ sym (rUnit loop) ⟩
|
||||
loop ∎
|
||||
)
|
||||
|
|
|
|||
101
src/content/posts/2024-09-18-ctf-faq.md
Normal file
101
src/content/posts/2024-09-18-ctf-faq.md
Normal file
|
|
@ -0,0 +1,101 @@
|
|||
---
|
||||
title: CTF FAQ
|
||||
date: 2024-09-18T00:49:55-05:00
|
||||
tags: [ctf]
|
||||
draft: true
|
||||
---
|
||||
|
||||
There's a lot of foundational stuff that is sometimes not obvious to people who are just starting out in CTF.
|
||||
|
||||
### What does nc \<ip\> mean?
|
||||
|
||||
For example,
|
||||
|
||||
```
|
||||
nc chal.examplectf.com 12345
|
||||
```
|
||||
|
||||
This is a quick way of saying that a server is running at a specific IP on a specific port.
|
||||
`nc` stands for netcat, which is a tool that lets you talk to a server through your command line.
|
||||
|
||||
> [!admonition: NOTE]
|
||||
> This also means that the flag is hidden on the server, and will **not** appear in any of the files that have been distributed to you.
|
||||
|
||||
In reality, you'd probably only use `nc` to play around with it initially.
|
||||
You'd probably want to move to using a script soon, because you are usually given a copy of the program to play around with locally.
|
||||
|
||||
With vanilla Python, you can open a [socket] and replicate the `nc` behavior with:
|
||||
|
||||
[socket]: https://docs.python.org/3/library/socket.html
|
||||
|
||||
```py
|
||||
import socket
|
||||
s = socket()
|
||||
s.connect(("chal.examplectf.com", 12345))
|
||||
```
|
||||
|
||||
Alternatively, use [pwntools]:
|
||||
|
||||
```py
|
||||
from pwn import *
|
||||
r = remote("chal.examplectf.com", 12345)
|
||||
```
|
||||
|
||||
### Why do I get a binary and a C file?
|
||||
|
||||
The binary is often provided because the specific addresses are meaningful to construct an attack.
|
||||
Sometimes a libc is also provided to help craft attacks that need specific libc addresses.
|
||||
|
||||
Using something like [pwntools] makes it easy to do exploration and perform automated searches for addresses through a binary locally very quickly, and then swap out the target to the server once you've found a method to crack the binary.
|
||||
|
||||
[pwntools]: https://pwntools.com
|
||||
|
||||
### I get some text file with values like N, e, c. What does this mean?
|
||||
|
||||
These are usually some values for working with a cryptosystem called [RSA].
|
||||
|
||||
[RSA]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
|
||||
|
||||
* $N$ is the modulus. It's part of the public key. It's calculated with $N = p \times q$, but usually $p$ and $q$ are left as private
|
||||
* $e$ is the public exponent. It's also part of the public key
|
||||
* $c$ is the ciphertext.
|
||||
* $m$ (if included) is the message, but this is usually the thing you're looking for
|
||||
|
||||
Lots of CTFs will do modified versions of RSA as a puzzle.
|
||||
|
||||
> [!admonition: NOTE]
|
||||
> If the $N$ is just given to you directly instead of in a script, just go ahead and chuck the $N$ into [factordb] to see if it's already been factored!
|
||||
|
||||
[factordb]: https://factordb.com/
|
||||
|
||||
### I need to quickly convert some data
|
||||
|
||||
[CyberChef] is my tool of choice when it comes to this stuff.
|
||||
|
||||
[cyberchef]: https://gchq.github.io/CyberChef/
|
||||
|
||||
### I have a file but I don't know what it is
|
||||
|
||||
Plug the file through the [file] command!
|
||||
It'll tell you what kind of file it is, by looking at the first few numbers. For example:
|
||||
|
||||
[file]: https://en.wikipedia.org/wiki/File_(command)
|
||||
|
||||
```
|
||||
$ file binary
|
||||
binary: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=62bc37ea6fa41f79dc756cc63ece93d8c5499e89, for GNU/Linux 3.2.0, not stripped
|
||||
```
|
||||
|
||||
This means it's an executable program.
|
||||
|
||||
Another useful tool is [binwalk], which tells you if there's other files packed in there.
|
||||
This is sometimes useful for some forensics challenges.
|
||||
|
||||
[binwalk]: https://github.com/ReFirmLabs/binwalk
|
||||
|
||||
### I'm on Windows. What do?
|
||||
|
||||
Install [WSL] or [dual boot].
|
||||
|
||||
[WSL]: https://learn.microsoft.com/en-us/windows/wsl/about
|
||||
[dual boot]: https://wiki.archlinux.org/title/Dual_boot_with_Windows
|
||||
Loading…
Reference in a new issue