jabberMicro Corruption: Halifax
srjJust found out that Microcorruption, the very fun and educational embedded security CTF, got some new challenges: https://research.nccgroup.com/2022/10/31/check-out-our-new-microcorruption-challenges/ Looks like there are now 6 new ones after Hollywood!
Ridge ShrubsallNew challenges have been released for Microcorruption:
https://research.nccgroup.com/2022/10/31/check-out-our-new-microcorruption-challenges/
#ctf #reverseengineering #exploitation #msp430 #microcorruption
TunapunkI've picked up #microcorruption, again. Last time I touched it was when the servers went offline and that inspired me to look into ways to play it outside the browser. The necessary parts of the equation:
- An emulator implementing the "syscalls"/callgate
- A debugger/disassembler/assembler toolchain
- All level files
There's several emulators available, along with a matching toolchain. The level files can be copy-pasted from the browser and the hex dump translated to a binary for the emulator. I've been given the remaining level files on #milliways and started translating my solutions so far to Python scripts that automatically solve each level with #pwnlib.
In case you wonder why to bother, this might be the gentlest introduction into binary exploitation, which I consider the black magic discipline in #infosec.
https://github.com/cemeyer/msp430-emu-uctf
https://aur.archlinux.org/packages/msp430-gdb
https://depp.brause.cc/uctf/
GitHub - cemeyer/msp430-emu-uctf: msp430 emulator for uctf (with remote GDB debugging, reverse debugging, and optional symbolic execution)
msp430 emulator for uctf (with remote GDB debugging, reverse debugging, and optional symbolic execution) - GitHub - cemeyer/msp430-emu-uctf: msp430 emulator for uctf (with remote GDB debugging, rev...