STOP GAN | Google CTF 2019


Well it seems someone can’t keep their work life and their home life separate. You vaguely recall on your home planet, posters put up everywhere that said “Loose Zips sink large commercial properties with a responsibility to the shareholders.” You wonder if there is a similar concept here. Using the credentials to access this so-called Agricultural network, you realize that SarahH was just hired as a vendor or contract worker and given access that was equivalent. You can only assume that Vendor/Contractor is the highest possible rank bestowed upon only the most revered and well regarded individuals of the land and expect information and access to flow like the Xenovian acid streams you used to bathe in as a child. The portal picture displays that small very attractive individual whom you instantly form a bond with, despite not knowing. You must meet this entity! Converse and convince them you’re meant to be! After a brief amount of time the picture shifts into a biped presumably ingesting this creature! HOW DARE THEY. You have to save them, you have to stop this from happening. Get more information about this Gubberment thing and stop this atrocity. You need to get in closer to save them – you beat on the window, but you need access to the cauliflower’s host to rescue it.

buffer-overflow.ctfcompetition.com 1337

Attachment

You can find all my CTF solutions here.

When I downloaded the attachment I saw a .c file and a MIPS binary.

In the .c code, it says you can compile this source, but I want to use the original file.

I can open the bof file using qemu-mipsel.

In this question, as I understand it, we must crash the program with the given input. So in this case, I must use the buffer overflow method.

It happens. So I will try it on the web service.

It works. So I will try it with Python code.

So we found the flag:

CTF{Why_does_cauliflower_threaten_us}

Now to find the bonus flag.

I try to find a new address to print the bonus flag. In this case I search the functions in the bof file.

I found the loca_flag function in the bof file.

We can try to jump to that address using the bof vuln.

I tried to find where the return address starts, and it is at 264, so I wrote the Python below to extract the bonus flag.

Result:

Flag: CTF{controlled_crash_causes_conditional_correspondence}
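
How an offset such as the 264 above can be located, as an added example (not the author's script): a De Bruijn pattern is fed to the binary under qemu-mipsel, and the value that lands in the program counter at the crash is looked up in the pattern. The helper names and the simulated crash value are assumptions constructed for illustration.

```python
import struct
from itertools import islice

ALPHABET = b"abcdefghijklmnopqrstuvwxyz"
WORD = 4  # 32-bit MIPS: the saved return address is 4 bytes wide


def de_bruijn(alphabet=ALPHABET, n=WORD):
    """Yield a De Bruijn sequence: every n-byte window occurs exactly once."""
    k = len(alphabet)
    a = [0] * (k * n)

    def db(t, p):
        if t > n:
            if n % p == 0:
                for j in range(1, p + 1):
                    yield alphabet[a[j]]
        else:
            a[t] = a[t - p]
            yield from db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                yield from db(t + 1, t)

    yield from db(1, 1)


def pattern(length):
    """First `length` bytes of the sequence (hypothetical helper name)."""
    return bytes(islice(de_bruijn(), length))


def offset_of(crash_pc, length=1024):
    """Offset of the 4 bytes that ended up in PC, or -1 if not from the pattern.

    mipsel is little-endian, so the register value is packed with "<I"
    before searching the pattern.
    """
    return pattern(length).find(struct.pack("<I", crash_pc))


if __name__ == "__main__":
    # Constructed sample: pretend the emulator reported this PC at the crash.
    simulated_pc = int.from_bytes(pattern(400)[264:268], "little")
    print(hex(simulated_pc), "->", offset_of(simulated_pc))
```

Because every 4-byte window is unique, a single crash is enough to identify the offset; a value that does not come from the pattern returns -1, which signals that the crash was caused by something else.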

 
