In relation to python, we're using a library called pwntools (in addition to the obvious and incredibly useful set of tools provided by Linux and GNU). We might be doing more of this in the later weeks, but this week moving onto forensics, buffer overflow attacks, shellcode, and circumventing stack protections by compilers. It's a very complex tool with lots of depth, and I've only really scratched the surface. Through adding constraints to inputs and explicting marking some parts of the binary as "avoid", angr would eventually navigate it's way to the end of execution (and hopefully result in a flag!) through some sort of either statistical model (maybe similar to sqlmap?) or through simply brute forcing all possible routes of execution. Originally, we learned to use the GNU debugger GDB for many weeks of CTF assignments, but last week we used Angr to script a way to explore many, many paths of execution in a program. The creator of the binary will hide away a specific string, like "flag", purposefully deep within the binary and only obtainable (normally) through some modification to the execution order of the binary. The prospective buyer fills out the ATF form, and the FFL. I'm currently enrolled in an undergrad practical fundamentals of cybersecurity course at my uni, and last week, we used angr to script what we'd normally use gdb for in what's called a "capture the flag" assignment. When a person tries to buy a firearm, the seller, known as a Federal Firearms Licensee (FFL), contacts NICS electronically or by phone.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |