Hack.lu 2011 CTF – Scotty’s last signal Solution

Challenge summary:

Scotty’s last signal

You might have heard about Montgomery Scott, the legendary chief engineer of the U.S.S. Enterprise. What you probably did not know is his passion for Video Games – especially really old classics. We recently lost contact with his transport shuttle and we think you should examine this old game file we recently recieved because he might have just put a message into there. This would make sense if he could not send a fully blown Space-Unicode message signal to avoid attracting any Borg ships in the sector… (Borg usually are very bad at video games) His passion for Beaming and Warping might be of interest for your analysis. https://ctf.hack.lu/files/mario

First we downloaded the attached file and checked to see what kind of file it is.

$  file mario
mario: iNES ROM dump, 2x16k PRG, 1x8k CHR, [Vert.]
$ mv mario mario.nes

iNES Rom is a format developed by Marat Fayzullin to store Nintendo / Famicon games, and it’s also de name of its emulator.

After spending some time playing the game,  looking at the dissasembled game using FCEUX debugger and reading about NES ASM, I noted this wasn’t probably the easy way to solve it :P. But by playing it we could see that some messages on the game were changed, FLUX instead of MARIO, SADFACE instead of GAME OVER.

A couple of Google searching led me to this tool to change strings of SMB rom, SMB NES Rom Text Editor luckily is written in C # and can be run on Linux too with Mono.

Flag:  IMSTILLALIVEHELPME

 

Campus Party Valencia 2011 – Premio ESET

Esta publicación la tenia pendiente hace casi un mes, desde que recibí el premio entregado por ESET a nuestro equipo NULL Life por haber logrado finalizar de primeros el WGSBD2 organizado para Campus Party España.  Ya se ha publicado una recopilación de las soluciones WGSBD2 para los que esten interesados.

Las categorias del wargame fueron las siguientes:

  • Trivial
  • Networking
  • Binarios
  • Crypto
  • Web

Agradecimientos a Security By Default por un excelente Wargame, a Campus Party España, y por ultimo, pero no menos importante, ESET por patrocinar este tipo de eventos. Sin más preambulo el unboxing del premio, una Macbook Pro 15″ (con ESET Cybersecurity) otorgada por ESET.

 

 

CTF Campus Party 2011 Colombia

Este año representé a NULL-Life en el CTF de Campus Party Colombia, logré obtener el primer lugar, el premio fue un magico iPad 2 😀 (que aún no me han entregado, pero la paciencia es la virtud de todo pentester). Les dejo el writeup para que vean la dificultad y solucion de todos los retos.

La próxima semana viene el CTF de Campus Party Valencia, en el cual podremos participar como equipo 😀

¡Agradecimientos a Nonroot y Campus Party por la organización del evento!