Wiki
Clone wikiChallenge11 / Home
Honeynet Challenge 11 - Dive Into Exploit
Reference: Challenge 11 - Dive Into Exploit (by Georg Wicherski)
Challenge Submission
Challenge Analysis
- Stage 2
- Reversing Overview
- Analysis
- Extracting the Stage 3 Payload
- Reversed Stage 2 Data Structures
- Reversed Stage 2 Functions
- big_int_zadd (offset 0xB44)
- big_int_add (offset 0xB5F)
- big_int_sub (offset 0xB70)
- big_int_lsl (offset 0xB81)
- big_int_asr (offset 0xB8A)
- big_int_gcd (offset 0xD5D)
- big_int_mult (offset 0xBA3)
- big_int_exp (offset 0x1026)
- RABBIT_next_state (offset 0x760)
- RABBIT_encrypt (offset 0x8E8)
- RABBIT_process_bytes (offset 0xA9D)
- RABBIT_setup (offset 0x940)
Appendix
References
- An Encrypted Payload Protocol and Target-Side Scripting Engine by Dino A. Dai Zovi
Updated