Hello, Here's a quick article on how to bypass calls to ptrace when debugging a Linux executable. By calling ptrace with the PTRACE_TRACEME option, a process can detect if it's being debugged and execute different instructions. This is an effective anti-debugging technique. For example, take the following C program: #include <stdio.h> #include <sys/ptrace.h> int main() { … Continue reading Bypassing ptrace calls with LD_PRELOAD on Linux
CTF
CTF Write-Ups
Hack The Box – Reversing: Debug Me
Hello, Here are some hints for solving the Debug Me challenge on Hack The Box: Use a good debugger like x64dbg. Use an anti-anti-debugging plugin like Scylla Hide (read the instructions on how to install it). Step through the challenge and see where it takes you. Write-up: Debug Me Thanks!
X-MAS CTF 2019: Binary Exploiting & Reversing Write-Ups
Hello, Here are my write-ups for the X-MAS CTF 2019 organized by https://htsp.ro/. Reversing: Santa's crackme. Santa's crackme is easy to solve when using Ghidra: all you need to do is open up the binary, read the code and use the XOR Memory script from Ghidra. The flag is retrieved from flag_matrix and xored by … Continue reading X-MAS CTF 2019: Binary Exploiting & Reversing Write-Ups
Hack The Box – Bitlab
Hello, Here's how I've solved the Bitlab machine on Hack The Box. Gitlab Access: As usual we start off with an nmap scan: root@kali:~# nmap -p- -sV 10.10.10.114 Nmap scan report for 10.10.10.114 Host is up (0.044s latency). Not shown: 65533 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu … Continue reading Hack The Box – Bitlab