capture-the-flag

2 minute read

Steganography, Cryptography, Forensics and more

Recently I did a few CTF contests so though might be interesting to note down my learning notes as a newbie ;-)

Vulnerability Discovery

“Despair is when you are debugging a kernel driver and you look at a memory dump and you see that a pointer jas a value of 7”

How to identify the vulnerabilities that manifest in applications that compile to native code? Try rever engineering compiled variants of the project code. Vulnerabilities are commonly identified in large software packages due to their use of third-party software libraries. Common examples include libraries like libxml, libpng, libpoppler, and libfreetype that parse complicated file formats and protocols.

Source/Binary/Webapps Auditing

In security, there are specific types of bugs:

  1. Memory errors

Hey, Stack Overflow. Buffer overflow is a common term mentioned here, which generally refers to coercing a program that writes outside the bouds of an allocated object. The destination buffer being written to can be Stack allocated, Heap allocated or Global and the source can be a static character, input data or non-input data while the size is fixed, variable or random.

  1. Race conditions

  2. “Logic Bugs”

Reverse Engineering

Return to the crime island via shell by understanding and exploiting bugs in the programs.

reverse Reverse Engineering

I published one set of source code on my GitHub.

Steganography

Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message in order to avoid detection; the secret data is then extracted at its destination. The use of steganography can be combined with encryption as an extra step for hiding or protecting data. The word steganography is derived from the Greek words steganos (meaning hidden or covered) and the Greek root graph (meaning to write).

Steganography techniques

Steganography is a useful technique for hiding data behind the carrier file such as image, audio, video etc. and that data securely transfer from sender to receiver. The cryptography is also another technique which is used for the protecting information. The Combining encryption methods of cryptography and steganography enables the user to transmit information which is masked inside of a file in plain view. This will provide more security to transferring data.

Countermeasures and Detection

The most basic approaches of steganalysis are visual or aural attacks, structural attacks, and statistical attacks.

CTF: Skull

Description: Should take you a while. Good luck!

Skull Original QR Code

This is a great example of the implementation of steganography. How to recover this? Indeed there are already some open source toolkits we can find. But a general step guide through is needed:

  1. Determine which encoding mode to use
  2. Encode the data
  3. Generate error correction codewords
  4. Interleave blocks if necessary
  5. Place the data and error correction bits in the matrix
  6. Apply the mask patterns and determine which one results in the lowest penalty
  7. Add format and version information
References

misc - stego - writeup

CTF - Hack the Box

Leave a comment