rand-tech/readme.md

Created January 15, 2025 09:46

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/rand-tech/3698f0ec98510fc30696bd9e8660fe86.js"></script>
Save rand-tech/3698f0ec98510fc30696bd9e8660fe86 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

My Challenges

A curated list of CTF challenges I made.

Year	Event	Category	Name	Theme	#solved (#solved)
2024	SatokiCTF	Rev	gomen	dynamic analysis	2 (3)
2024	SatokiCTF	Rev	satolite3	bin diff, DB internals(SQLite)	1 (2)
2024	SatokiCTF	Rev	satokity	Swift, Mach-O	0 (1)
2024	NewYearsCTF	Rev	2024	Corrupted ELF header	1
2023	NewYearsCTF	Rev	2023	Rust macro	1

Notable insights

gomen
- This checks the TracerPid for debugger detection
- This can be easily bypassed by either using
  - a tracer (e.g. Pin) and monitor the mem read/write
  - run the bin inside a linux ns and debug from outside (i.e. docker or ).
- Also, it is possible to patch the ins in the executable

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment