cyber uc meeting 92
play

Cyber@UC Meeting 92 Senior Designs and MBE crackmes If Youre New! - PowerPoint PPT Presentation

May 09, 2023 •147 likes •303 views

Cyber@UC Meeting 92 Senior Designs and MBE crackmes If Youre New! Join our Slack: cyberatuc.slack.com Check out our website: cyberatuc.org Organization Resources on our Wiki: wiki.cyberatuc.org SIGN IN! (Slackbot will post

  1. Cyber@UC Meeting 92 Senior Designs and MBE crackmes

  2. If You’re New! ● Join our Slack: cyberatuc.slack.com Check out our website: cyberatuc.org ● Organization Resources on our Wiki: wiki.cyberatuc.org ● ● SIGN IN! (Slackbot will post the link in #general every Wed@6:30) ● Feel free to get involved with one of our committees: Content Finance Public Affairs Outreach Recruitment Lab Ongoing work in our research lab! ●

  3. Announcements ● Organization planning meeting Sunday, all are welcome to attend New Lab Head, Aaron Boyd ● ● Outdoor event, 27th near dabney ● Shirts and Hoodies, 25$ and 35$ respectively Battelle visit this Saturday ● ○ Pay attention to the slack for carpooling/details

  4. April 20th CTF + MMORPG 11AM - 4PM COLUMBUS, OH

  5. The Topics Today Go Something Exactly Like This - Cyber@UC SOC - Install GHIDRA if you haven’t already - Walkthroughs and analysis for the first 6 MBE problems

  6. Cyber@UC SOC Here we go...

  7. SIG ALL IN ONE Here We Go… But Better

  8. Install GHIDRA From their website: ghidra-sre.org From our gitlab: gitlab.com/cyberatuc/ghidra GHIDRA requires having JDK 11 as well.

  9. Get the MBE problems - https://github.com/RPISEC/MBE - Their github has a link called “course website” - Find “challenges.zip” from the course website - Unzip and open in GHIDRA

  10. crackme0x00a Scanf (user input) a string and compare it to the bytes at 0x0804a024: 67 30 30 64 4A 30 42 21 = g00dJ0B!

  11. crackme0x01 Scanf user input into local_8 as a decimal Compare local_8 to 0x149a We can use python to pipe our input as decimal in python3 -c "print(int('149a',base=16))" | ./crackme0x01

  12. crackme0x03 rot3 Similar scanf and comparison although now we have a custom function test. Going into test shows we pass it two parameters and do an simple comparison then deobfuscate a corresponding result string through the shift function. python3 -c "print(int('52b24',base=16))" | ./crackme0x03

  13. crackmex04 Similar to the last one, we have a custom check function to validate the password. We have a counter that increments from the characters in our input as integers, then if we reach 0xf (16) before the end of the string, our password is valid

  14. crackmex05 1001 = 9 1000 = 8 0001 & 0001 & 0001 = 1 0000 = 0

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com

Cyber@UC; Meeting 28 Cyber Kill Chain If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees:

430 views • 23 slides
NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For

NSF Activities in Cyber Trust NSF Activities in Cyber Trust NSF Activities in Cyber Trust For ACM CCS I ndustry/ Govt Track Oct. 26, 2004 Carl Landwehr ( clandweh@nsf.gov ) Cyber Trust Coordinator National Science Foundation What s the

439 views • 17 slides
CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College

3/29/2012 CYBER CYBER-SAFETY CYBER CYBER SAFETY SAFETY SAFETY BASICS BASICS Engineering Staff College of India I N T R O D U C T I O N What is Cyber-safety Consequences Threats of Inaction Cyber-safety? Cyber-safety Cyber-safety at

215 views • 7 slides
What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is

R egional C yber C rime U nit DC Louise Gibson Prepare, Prevent & Protect What is Cyber Crime? Cyber Enabled Crime Cyber Dependant Crime Traditional crime that is enhanced in scale or Crimes that can only be committed solely reach by use

316 views • 9 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities?

The Cyber Threat: Securing Cyber Infrastructure Overview What are the FBIs Priorities? What is the FBIs Cyber Structure? HQ Division Dedicated Cyber squads in all 56 field offices, including satellite locations overseas.

1.54k views • 14 slides
Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber

Strategic Priorities Assurance Board Cyber and Cyber Enabled Crime Introduction Cyber Dependent crime examples of these offences are Distributed Denial of Service attack (DDOS), Account Compromise (hacking), Malware (virus) and

237 views • 7 slides
FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019)

FEMA Region III Cyber Security Program Maryland Cyber Security Workshop (January 16, 2019) (Presented again at the October 16, 2018, meeting of the Maryland Cybersecurity Council and published with permission.) Overview Current Landscape

560 views • 23 slides
Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK

Cyber Security February - 2016 Agenda Overview of Cyber Crime The top cyber threats to UK businesses and how to remain safe What help is available Further reading Setting the scene 21.2bn The cost of fraud to the

304 views • 19 slides
Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT

Mark Fernandes Principal, Cyber Risk Services + FUTURE OF CYBER CYB CYBER SINGU GULAR ARIT ITY How cyber is becoming a key aspect of the ubiquity generation. CYBER SUMMIT More to come 3 2018 Deloitte Cyber Risk Services 4 2018

514 views • 19 slides
Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division

Homeland Security Advanced Research Projects Agency A View from Washington: The Latest in Cyber Security November 7, 2013 TCIPG Annual Meeting Douglas Maughan Division Director http://www.dhs.gov/cyber-research Presentation Outline

794 views • 32 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the

Cy Cyber ber La Lay of the he La Land nd What the Numbers Tell Us Cyber r Lay of f the Land: : Wh What t the Numbe mbers rs Tell l Us Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

722 views • 31 slides
Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

563 views • 11 slides
Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack:

Cyber@UC Meeting 59 Actually Doing Star Night! If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees: Content Finance Public

525 views • 23 slides
Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack:

Cyber@UC Meeting 63 Contributing to the Website If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general every Wed@6:30) Feel free to get involved with one of our committees: Content

491 views • 14 slides
DSS Data & Storage Services LZ4 HC COMPRESSION for ROOT and IO Baseline Evaluation ROOT IO

DSS Data & Storage Services LZ4 HC COMPRESSION for ROOT and IO Baseline Evaluation ROOT IO

DSS Data & Storage Services LZ4 HC COMPRESSION for ROOT and IO Baseline Evaluation ROOT IO Workshop - 6.12.2013 Andreas-Joachim Peters IT-DSS-TD CERN IT Department = compression x speed x size CH-1211

703 views • 13 slides
Studio 3 18.05 Spring 2014 Jeremy Orloff and Jonathan Bloom frequency density 4 0.4 3 0.3 2

Studio 3 18.05 Spring 2014 Jeremy Orloff and Jonathan Bloom frequency density 4 0.4 3 0.3 2

Studio 3 18.05 Spring 2014 Jeremy Orloff and Jonathan Bloom frequency density 4 0.4 3 0.3 2 0.2 1 0.1 x x .5 1.5 2.5 3.5 4.5 .5 1.5 2.5 3.5 4.5 Concept questions Suppose X is a continuous random variable. a) What is P ( a X

339 views • 11 slides
Week 6 Jupyter and Basic Python 3 1 Today: Code Review! New pre-organized rooms - choose a

Week 6 Jupyter and Basic Python 3 1 Today: Code Review! New pre-organized rooms - choose a

LING 300 - Topics in Linguistics: Introduction to Programming and Text Processing for Linguists Week 6 Jupyter and Basic Python 3 1 Today: Code Review! New pre-organized rooms - choose a round-robin cycle A checks Bs, B checks Cs,

519 views • 3 slides
COMP364: Working with Matplotlib (2) Jrme Waldisphl, McGill

COMP364: Working with Matplotlib (2) Jrme Waldisphl, McGill

COMP364: Working with Matplotlib (2) Jrme Waldisphl, McGill University Analysis of human mRNA Using CURL download human mRNA file on your account

250 views • 5 slides
SAT and SMT Solvers in Practice Marijn J.H. Heule and Ruben Martins

SAT and SMT Solvers in Practice Marijn J.H. Heule and Ruben Martins

SAT and SMT Solvers in Practice Marijn J.H. Heule and Ruben Martins http://www.cs.cmu.edu/~mheule/15816-f19/ Automated Reasoning and Satisfiability, September 12, 2019 1/24 DIMACS: SAT solver input format The DIMACS format for SAT solvers has

580 views • 27 slides
Solutions Problem A: Santising print(x * 0.6) Problem B: Hidden text One simple solution

Solutions Problem A: Santising print(x * 0.6) Problem B: Hidden text One simple solution

Armenian Open Programming Competition In memory of Vladimir Yeghiazaryan Solutions Problem A: Santising print(x * 0.6) Problem B: Hidden text One simple solution Copy the file into a text editor Replace all tabs to nothing

304 views • 17 slides
Resources: what you need to complete the tutuorial. Computer with Vivado 19.1 and USB

Resources: what you need to complete the tutuorial. Computer with Vivado 19.1 and USB

Red Pitaya Tutorial #1 Resources: what you need to complete the tutuorial. Computer with Vivado 19.1 and USB serial console. Red Pitaya Board. SD Card Reader & Micro SD. USB Cables (Power and Comms). Host computer with

336 views • 9 slides
Rooting the MikroTik routers A journey into reverse engineering parts of MikroTik system to gain

Rooting the MikroTik routers A journey into reverse engineering parts of MikroTik system to gain

Rooting the MikroTik routers A journey into reverse engineering parts of MikroTik system to gain access to hardware features and the shell behind the RouterOS that has no ls Who? Me? Who am I? https://twitter.com/KirilsSolovjovs

753 views • 43 slides

More recommend