mrt-prodz

Hello!

My name is Themistokle Benetatos and I enjoy programming and creating computer graphics.
I am also the co-founder of Monologue, a motion design studio based in Athens.

Latest blog posts

  • CSAW CTF Quals 2014 - csaw2013reversing2.exe (200pts) writeup

    The challenge description was: We got a little lazy so we just tweaked an old one a bit Unfortunately I didn't participated in earlier CSAW CTF so I'm not sure what they meant by that, but looking at the binary file name it was apparently a challenge from CSAW 2013 they modified. Let's download it and see what is going on when we..[read more]
  • CSAW CTF Quals 2014 - why not sftp? (200pts) writeup

    The challenge description was: well seriously, why not? Let's download the pcap file and analyze the traffic to find out where is our flag in Wireshark. I usually start by looking at the conversations and try to find something odd or interesting: In the TCP conversations tab, we can see a lot of bandwidth consumption between A to B. Let's click on Follow..[read more]
  • CSAW CTF Quals 2014 - bo (100pts) writeup

    The challenge description was: exploit this This challenge was a free points for all to get started: mrt:~/csaw$ file bo bo: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=0x2e3f8e69d13dd81d59ea63c9193dadcd8c8c73aa, not stripped mrt:~/csaw$ strings bo /lib/ld-linux.so.2 __gmon_start__ libc.so.6 _IO_stdin_used setuid socket vasprintf exit htonl htons srand fork time __stack_chk_fail listen getpwnam bind chdir read setgroups dup2 setsockopt alarm freeifaddrs getifaddrs __sysv_signal close open accept getdtablesize errx setgid strcmp __libc_start_main write free GLIBC_2.3 GLIBC_2.4 GLIBC_2.0 PTRh =~~~~v UWVS [^_] Welcome to CSAW CTF! Time to break out IDA Demo and see what's going on inside me. :] flag{exploitation_is_easy!} Unable to set SIGCHLD..[read more]
  • CSAW CTF Quals 2014 - dumpster diving (100pts) writeup

    The challenge description was: dumpsters are cool, but cores are cooler The file is apparently a memory dump of Firefox, let's find out how easy we can get that flag: mrt:~/csaw/dumpster_diving$ cat firefox.mem | grep -a 'flag{' Pnegativeone_or_fdZZZZZZZZZZZZnegativeone_or_nothing ZZnegativeone_or_ssize_tZZd_name_extra_sizeZZZZZZZZZ ZZZnull_or_dirent_ptrZZZZZZZZZZOSFILE_SIZEOF_DIRZZZ ZZZZZZZZZ3ZZZZZZZHfLLZZ@mZZZZZZZAG@ryZZZZZZZZ flag{cd69b4957f06cd818d7bf3d61980e291} We got our flag: cd69b4957f06cd818d7bf3d61980e291[read more]