| Eat Sleep Trace Repeat |
@Elvis intended solution is to recover flag from just the trace.txt without looking at the shellcode (counting the for loop counter and getting the index in the random bytes array) !XD! |
2022-02-01 16:25 |
| Eat Sleep Trace Repeat |
thanks @Elvis. Some writeups are already public because I used this challenge in Zh3r0 CTF v2 last year. I thought I should put it here as well. :) |
2022-01-31 06:21 |
| Eat Sleep Trace Repeat |
yes |
2022-01-29 06:12 |
| Sabloom Text 6 |
lazy - Can you post your solution i want to see why Libre calc was useful to you? |
2021-08-10 13:46 |
| Pyaz |
4aca7f6c - Dude amazing writeup |
2021-08-10 13:44 |
| Pyaz |
It is easy to recognise the registers used by VM if you can recognise the code which emulating lets say the call instruction. it will add or sub from the sp and it will assign something to the pc. so you if you see this pattern you know which variable is sp and which one is pc. this is how you can sort of reconstruct the whole vm context. |
2021-06-13 13:28 |
| mexican |
flag{M3x1c4nMl4lw4r3_pl3rro} |
2019-10-05 05:27 |