VirSecCon CTF Loopback

by securisecctf 4 years ago

macOS ◆ xterm-256color ◆ zsh 696 views

Virseccon CTF Loopback pcap solution using Chepy.

from chepy import Chepy

c = Chepy("loopback.pcap")

flag = (
	# read pcap
    c.read_pcap()
	# extract all ICMP payloads
	.pcap_payload("ICMP")
	# Because payloads repeat, extract only one
    .select_every_n(2)
	# pull the 16th byte of each payload which also repeats
    .loop_list("slice", {"start": 16, "end": 17})
	# join payload to form PNG file
    .join_list(b"")
	# extract binary strings
    .extract_strings()
	# extract flag
    .search_ctf_flags(prefix="LLS")
)
print(flag)

More by securisecctf

Self documenting Pyton cli 00:53

by securisecctf 4 years ago

Radare2 wiki inside the r2 shell 00:53

by securisecctf 6 years ago

r2msdn for radare2 02:09

by securisecctf 6 years ago

r2retdec demo 01:47

by securisecctf 6 years ago

See all

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay the downloaded recording in your terminal using the asciinema play command:

asciinema play 316683.cast

If you don't have asciinema CLI installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from the releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '/assets/316683.cast',
      document.getElementById('player'),
      { cols: 110, rows: 19 }
    );
  </script>
</body>
</html>

See asciinema player quick-start guide for full usage instructions.

While this site doesn't offer GIF conversion at the moment, you can still do it yourself with the help of asciinema GIF generator utility - agg.

Once you have it installed run the following command to create GIF file:

agg https://asciinema.org/a/316683 316683.gif

Or, if you already downloaded the recording file:

agg 316683.cast 316683.gif

Check agg --help for all available options. You can change font family and size, select color theme, adjust speed and more.

See agg manual for full usage instructions.