52 lines
1.1 KiB
Markdown
52 lines
1.1 KiB
Markdown
Open Pit
|
|
========
|
|
|
|
# Author
|
|
Stäbchenfisch
|
|
|
|
# Challenge Text
|
|
I can't stand these craters that surface mines put in our landscape. It's time to stop them. I've managed to acquire the software running on their servers. Maybe you could use that to get in and disturb their operations?
|
|
|
|
# Challenge Idea
|
|
Use timing information leaked by a hidden profiler to recover an aes key. (crypto + reversing)
|
|
|
|
# Status
|
|
Ready with working exploit
|
|
|
|
# Reviewers
|
|
dezk, pspaul (I think. Don't know the names that well yet :P)
|
|
|
|
# Setup
|
|
Compiling the Sources:
|
|
```
|
|
meson build
|
|
ninja -C build
|
|
strip build/open_pit
|
|
```
|
|
|
|
The resulting binary is needed for deployment *and* should be published with the challenge.
|
|
|
|
Run the binary:
|
|
```
|
|
socat tcp-listen:1337,reuseaddr,fork exec:"./open_pit"
|
|
```
|
|
|
|
# Administration
|
|
## Hardware Requirements
|
|
|
|
- Number of cores: 4
|
|
- RAM: 1 GB
|
|
|
|
## Environment / Permissions
|
|
- Distro: Arch
|
|
- Requires write access to /tmp: no
|
|
|
|
# Solution
|
|
See solution/automated_attack.py
|
|
|
|
# Difficulty
|
|
Medium
|
|
|
|
# Flag
|
|
flag{If_coal_is_so_bad_for_the_environment_why_dont_we_just_burn_it_all?!?}
|