jakespringer / angr_ctf Goto Github PK
View Code? Open in Web Editor NEWLicense: GNU General Public License v3.0
angr_ctf's Introduction
Eventually, this README will have information about building, installing, and
playing the levels.
Currently, if you want to play around with them, take a look at package.py,
which builds the levels, and dist/ which generally has an up-to-date build
of each of the levels.
A Makefile is included that performs an automated build for both a local
installation and for the MetaCTF web installation. A list of users
is passed in via the USERS environment variable which will then build
the binaries for each user listed.
Build binaries in obj/{foo,bar}/angr
make USERS='foo bar' local
Build binaries in upper-level MetaCTF repo ../www/static/obj/{foo,bar}/angr
make USERS='foo bar' web
angr_ctf's People
Contributors
Stargazers
Watchers
Forkers
disconnect3d saasthavasan markmankins vish-akul donndonn f0829 suhyeonjin kungia09 wongwaituck cexplr msjyoo myts2 freakishfox heruix cuckflong changochen cafa1 chago rbrunner007 zytmatrix sidsenkumar11 decart-hub cakeforest lalospidey victoralonsocm hjzmc waterdemo last-byte lxwasm saagarjha ysf anchray imulmul todd-finkler jiangyei jotamjr helloexp zhjguang zxgio tmx1991 l3ouu4n9 whiteknife1 wyhuan lovelywei freemanzyq returnhere alexsandershaw ezekiel-1998 noone-hub xyxdaily 0xc4se vishnupratapagiri linkleyping bluesolarsystem heqile rongqinglee xuchen201810 fayozbek 923310233 junknet huhuang03 retr0-123 kxdkxd hahar226 alialqetaiti f1ndr pwnie-island dipanjan 666asd ootyoo secgithub lxonz internaut401 neu-nex giladreich xiaoshipricne zzzsleepsin durge5h dawnadvent jackysun10 b3rcut7 jh123x redcrabs faisal-alfaifi x213212 thefunctionalguy xxr0ss xianlimei jindaxia akz747 edygert iamyjlee sharkmoos jtulowiecki 1337536723 xzf1234 mikeboensel amesianx fantasquex littflowerangr_ctf's Issues
Instructions for local installation and playing the levels
Hello,
I would like to contribute to the project.
I would like to add instructions for (at least) the local installation and also present a walkthrough for the few first levels, to help people getting started.
Is that okay with you ? is there some guideline that you would like me take into account ?
You can expect a first draft during the next weeks.
exec error
(angr) angr@fed003dbb7b2:~/angr_ctf/solutions/07_angr_symbolic_file$ python solve07.py 07_angr_symbolic_file
Traceback (most recent call last):
File "solve07.py", line 130, in <module>
main(sys.argv)
File "solve07.py", line 91, in main
password_file = angr.storage.SimFile(filename, file_options, content=symbolic_file_backing_memory, size=symbolic_file_size_bytes)
TypeError: __init__() got multiple values for argument 'content'What's wrong with veritesting?
Hi,
I was trying to solve 12_angr_veritesting, but I am not getting a solution even though I have enabled veritesting. This is the script I used:
import sys
import angr
import logging
logging.getLogger('angr').setLevel('DEBUG')
win = 0x08048686
lose = 0x08048698
proj = angr.Project("./12_angr_veritesting")
state = proj.factory.entry_state()
sm = proj.factory.simulation_manager(state, veritesting = True)
sm.explore(find=win,avoid=lose)
found=sm.found[0]
print found.posix.dumps(sys.stdin.fileno())
I get this at the the end of the output when I run it:
DEBUG | 2018-03-21 15:59:36,528 | angr.manager | Filtering 1 states
DEBUG | 2018-03-21 15:59:36,529 | angr.manager | ... state <SimState @ 0x80486f1> matched!
DEBUG | 2018-03-21 15:59:36,529 | angr.manager | ... returning 1 matches and 0 non-matches
DEBUG | 2018-03-21 15:59:36,529 | angr.manager | Filtering 0 states
DEBUG | 2018-03-21 15:59:36,529 | angr.manager | ... returning 0 matches and 0 non-matches
INFO | 2018-03-21 15:59:36,529 | angr.analyses.veritesting | Returning new paths: (successful: 0, deadended: 0, errored: 0, deviated: 1)
DEBUG | 2018-03-21 15:59:36,529 | angr.manager | Out of states in stash active
DEBUG | 2018-03-21 15:59:36,530 | angr.manager | Out of states in stash active
Traceback (most recent call last):
File "angr12_test.py", line 15, in <module>
found=sm.found[0]
IndexError: list index out of range
I also tried running the solution script given, which also didn't work and gave this:
DEBUG | 2018-03-21 16:10:57,423 | angr.manager | Filtering 1 states
DEBUG | 2018-03-21 16:10:57,423 | angr.manager | ... state <SimState @ 0x80486f1> matched!
DEBUG | 2018-03-21 16:10:57,423 | angr.manager | ... returning 1 matches and 0 non-matches
DEBUG | 2018-03-21 16:10:57,423 | angr.manager | Filtering 0 states
DEBUG | 2018-03-21 16:10:57,423 | angr.manager | ... returning 0 matches and 0 non-matches
INFO | 2018-03-21 16:10:57,424 | angr.analyses.veritesting | Returning new paths: (successful: 0, deadended: 0, errored: 0, deviated: 1)
DEBUG | 2018-03-21 16:10:57,424 | angr.manager | Out of states in stash active
DEBUG | 2018-03-21 16:10:57,424 | angr.manager | Out of states in stash active
Traceback (most recent call last):
File "solve12.py", line 45, in <module>
main(sys.argv)
File "solve12.py", line 42, in main
raise Exception('Could not find the solution')
Exception: Could not find the solution
Can someone explain what's going wrong here? and what does enabling veritesting really do?
Make code python 3 compatible
angr 8.0 has dropped python 2 support, so this should probably be updated accordingly.
Scaffold and solution challenge 07 not working with latest angr
Scaffold and solution challenge 07 are not working with latest angr, because SimFile class changed.
This is working code with latest version of angr for the filesystem part:
filename = "OJKSQYDP.txt" # :string
symbolic_file_size_bytes = 64
password = claripy.BVS('password', symbolic_file_size_bytes * 8)
password_file = angr.storage.SimFile(filename, content=password, size=symbolic_file_size_bytes)
initial_state.fs.insert(filename, password_file)
simulation = project.factory.simgr(initial_state)
I am unable to solve 03_angr_symbolic_registers
I tried it on my own and tried it using the solver, in both I receive 0 0 0.
Using the solver:
(angr) angr@5364d74d028c:/ctf$ python solver03.py 03_angr_symbolic_registers
0 0 0
My own script:
(angr) angr@5364d74d028c:/ctf$ python scaffold03.py 03_angr_symbolic_registers
WARNING | 2022-05-25 00:56:49,072 | angr.storage.memory_mixins.default_filler_mixin | The program is accessing register with an unspecified value. This could indicate unwanted behavior.
WARNING | 2022-05-25 00:56:49,072 | angr.storage.memory_mixins.default_filler_mixin | angr will cope with this by generating an unconstrained symbolic variable and continuing. You can resolve this by:
WARNING | 2022-05-25 00:56:49,072 | angr.storage.memory_mixins.default_filler_mixin | 1) setting a value to the initial state
WARNING | 2022-05-25 00:56:49,072 | angr.storage.memory_mixins.default_filler_mixin | 2) adding the state option ZERO_FILL_UNCONSTRAINED_{MEMORY,REGISTERS}, to make unknown regions hold null
WARNING | 2022-05-25 00:56:49,072 | angr.storage.memory_mixins.default_filler_mixin | 3) adding the state option SYMBOL_FILL_UNCONSTRAINED_{MEMORY,REGISTERS}, to suppress these messages.
WARNING | 2022-05-25 00:56:49,072 | angr.storage.memory_mixins.default_filler_mixin | Filling register ebp with 4 unconstrained bytes referenced from 0x804898c (main+0x32 in 03_angr_symbolic_registers (0x804898c))
WARNING | 2022-05-25 00:56:49,241 | angr.storage.memory_mixins.default_filler_mixin | Filling memory at 0xffffffed with 4 unconstrained bytes referenced from 0x804898c (main+0x32 in 03_angr_symbolic_registers (0x804898c))
WARNING | 2022-05-25 00:56:49,398 | angr.storage.memory_mixins.default_filler_mixin | Filling memory at 0xfffffff1 with 4 unconstrained bytes referenced from 0x804899f (main+0x45 in 03_angr_symbolic_registers (0x804899f))
WARNING | 2022-05-25 00:56:49,585 | angr.storage.memory_mixins.default_filler_mixin | Filling memory at 0xfffffff5 with 4 unconstrained bytes referenced from 0x80489b2 (main+0x58 in 03_angr_symbolic_registers (0x80489b2))
0 0 0
Trying 0 0 0
(angr) angr@5364d74d028c:/ctf$ ./03_angr_symbolic_registers
Enter the password: 0 0 0
Try again.
(angr) angr@5364d74d028c:/ctf$
Solution for challenge 11 outputs different results on a Windows environment versus Ubuntu Environment
Running python3 scaffold11.py 11_angr_sim_scanf produces 1448564819 1398294103 on an ubuntu environment and yields the correct password for the challenge. Running the script on windows produces 1179604559 1146114388 and fails on the challenge. Any idea why this could happen?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.