Inspiration

I wanted to share my knowledge about file analysis with other people by providing a 3-part challenge with hints about helpful Linux tools that can be used for analysis, especially for malware-related tasks.

What it does

It's a C program that runs 3 parts, one after another; each part is unlocked once the correct answer for the previous one is submitted. After the 3 parts, the final flag is returned.

How we built it

I used the C programming language primarily so that the original source code would be hard to determine from the compiled binary. The original source code is provided, and can be compiled using the Makefile in the GitHub repo.

Challenges we ran into

One of the parts features a buffer overflow, which wasn't really a great idea considering there are multiple parts within the same file. This means that entering a long enough input would not only bleed data into the variables it was intended to bleed into, but also into the ones that weren't. This would in turn cause a segmentation fault, and the flag wouldn't be returned.

Accomplishments that we're proud of

However, the other 2 challenges were very soundly made (for Linux), and a critical bug was found after outside user testing, where the final flag could be found in part 1 instead of only after all 3 parts were completed.

What we learned

In the future, I should plan out my design more to avoid an issue like the intentional buffer overflow. Primarily, it isn't really a good idea to feature a buffer overflow in conjunction with other parts in the same file. If I were to utilize a buffer overflow, it should be in its own standalone file. Other than that, it should be avoided when making a multipart CTF challenge.
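The failure described in "Challenges we ran into" and the lesson above can be seen concretely in the following added example. It is not the challenge's own code: the struct below is a hypothetical model in which the part-1 answer buffer sits directly before the variable the overflow is meant to flip, which in turn sits before values that parts 2 and 3 still need. The all-'A' inputs are constructed for the demo. A struct is used only to make the memory order deterministic; on a real stack the compiler picks the slot order and the saved return address is also inside the blast radius, which is what produces the segmentation fault the write-up mentions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout (not the challenge's real one): the overflow is meant
 * to reach part1_solved, but nothing stops it reaching the later members. */
#define PART2_KEY_INIT 0x22222222u
#define PART3_KEY_INIT 0x33333333u

struct challenge_state {
    char     answer[16];    /* part-1 input buffer, offset 0          */
    uint32_t part1_solved;  /* intended overflow target, offset 16    */
    uint32_t part2_key;     /* belongs to part 2, offset 20           */
    uint32_t part3_key;     /* belongs to part 3, offset 24           */
};

enum { HIT_SOLVED = 1, HIT_PART2 = 2, HIT_PART3 = 4 };

static void fresh_state(struct challenge_state *s) {
    memset(s, 0, sizeof *s);
    s->part2_key = PART2_KEY_INIT;
    s->part3_key = PART3_KEY_INIT;
}

/* Models the original unbounded read: bytes land at answer[0] and keep
 * going into whatever follows. The length is clamped to the struct so the
 * demo itself stays well-defined C. */
static void part1_unbounded(struct challenge_state *s, const char *in, size_t n) {
    if (n > sizeof *s) n = sizeof *s;
    memcpy(s, in, n);
}

/* Hardened form: never write more than the buffer holds, always terminate.
 * Only answer[] can change, so parts 2 and 3 keep their state. */
static void part1_bounded(struct challenge_state *s, const char *in, size_t n) {
    size_t lim = sizeof s->answer - 1;
    if (n > lim) n = lim;
    memcpy(s->answer, in, n);
    s->answer[n] = '\0';
}

/* Bitmask of which variables beyond the buffer were changed. */
static int clobber_mask(const struct challenge_state *s) {
    int m = 0;
    if (s->part1_solved != 0)           m |= HIT_SOLVED;
    if (s->part2_key != PART2_KEY_INIT) m |= HIT_PART2;
    if (s->part3_key != PART3_KEY_INIT) m |= HIT_PART3;
    return m;
}

/* Feed n bytes of 'A' (constructed input) through one handler and report
 * which variables the write reached. */
static int overflow_effect(size_t n, int bounded) {
    struct challenge_state s;
    char in[64];
    memset(in, 'A', sizeof in);
    if (n > sizeof in) n = sizeof in;
    fresh_state(&s);
    if (bounded) part1_bounded(&s, in, n);
    else         part1_unbounded(&s, in, n);
    return clobber_mask(&s);
}

int main(void) {
    size_t lens[] = {15, 20, 24, 28};
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        int u = overflow_effect(lens[i], 0);
        int b = overflow_effect(lens[i], 1);
        printf("%2zu bytes: unbounded reaches solved=%d part2=%d part3=%d | bounded reaches mask=%d\n",
               lens[i], !!(u & HIT_SOLVED), !!(u & HIT_PART2), !!(u & HIT_PART3), b);
    }
    return 0;
}
```

With the unbounded handler, 20 bytes is exactly the "intended" overflow (only part1_solved changes); 24 bytes also rewrites part 2's state and 28 bytes rewrites part 3's as well, which is the bleed-over the write-up describes. The bounded handler leaves everything past answer[] untouched regardless of input length, which is the behaviour a part that is not supposed to be the overflow challenge should have.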

What's next for Malware-Themed 3-Part CTF Challenge

I could try re-ordering the parts so that the buffer overflow won't cause a segmentation fault, but other than that I should replace it with a different (and less volatile) challenge.
