
Experiences


6 replies to this topic

#1 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 18 July 2011 - 05:58 PM

We have had no really good results in the dCTF.
And also in Challenge #2 some members (including me) did not have success, because their local hardware / software had some issues processing the queries as wanted.

That's a pity, but in a real contest, the user is responsible for having suitable hardware / software.

I suggest making a simple collection of "hardware / software issues" here.

Let me start with:

  • Sometimes host PC VT-x ability is necessary
  • Your browser should have the ability to download RAW page item contents
  • Maybe an MD5 checksum has to be converted to UC / LC

To understand correctly:
E.g. #1 does not mean that everybody has to replace his CPU by a "suited one".
That means: If you do not have such a CPU, pass the actual situation to the team ...
(In challenge #2 I did so ...)

@HS: I do not think that it would be good to "Fix the UC / LC" MD5 issue in your PHP. As said above, the user is responsible ...
#2 @HS: Can you pin this topic? I cannot.

Peter

#2 Holmes.Sherlock

Holmes.Sherlock

    Gold Member

  • Team Reboot
  • 1444 posts
  • Location:Santa Barbara, California
  •  
    United States

Posted 19 July 2011 - 08:39 AM

@HS: I do not think that it would be good to "Fix the UC / LC" MD5 issue in your PHP. As said above, the user is responsible ...
#2 @HS: Can you pin this topic? I cannot.

Topic pinned. BTW, this IPB has some serious issues, I guess. I'm facing a series of troubles in moderation these days. Already communicated to Nuno, Mikorist & Wonko.

As far as this thread is concerned, a plan has popped up which is nothing but a mere refinement of your idea. Can you reorganize your first post to have a separate checklist/"need-to-have" of software & hardware? This split of entities will be more comprehensible & will come in handy during crucial moments before the contest starts. Also you can keep on adding THOSE software tools which we MUST have to take part in a contest. This year, we were unarmed. We had to download a few software tools during the contest itself. As you have named the thread "Simple collection of what may be important", can you also pick up software which we have used/will use while solving challenges? As other people reply on this thread & add/introduce new tools, you consolidate all of them together in the first post, thus creating a complete checklist gradually. Does this idea sound appealing?

#3 Icecube

Icecube

    Gold Member

  • Team Reboot
  • 1063 posts
  •  
    Belgium

Posted 30 July 2011 - 12:57 PM

I don't know what all the challenges were, but this software could be useful to have:
  • Firefox with FireBug plugin to be able to live edit webpages (or Chrome).
  • VirtualBox or KVM for virtualisation
  • GIMP and/or Paint.net (BoltBait's steganography plugin is in the forum section)
  • cygwin (various linux utilities: md5sum, file (determine filetype), wget (download raw files from http/ftp), ...)
  • A good hexeditor
  • Teamviewer (Linux, Mac OS X, Windows, Android and iPhone versions): easy and friendly desktop sharing.


#4 Holmes.Sherlock

Holmes.Sherlock

    Gold Member

  • Team Reboot
  • 1444 posts
  • Location:Santa Barbara, California
  •  
    United States

Posted 30 July 2011 - 12:58 PM

I don't know what all the challenges were, but this software could be useful to have:

Nice addition, Icecube

#5 Brito

Brito

    Platinum Member

  • .script developer
  • 10616 posts
  • Location:boot.wim
  • Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
  •  
    European Union

Posted 30 July 2011 - 01:37 PM

As a hex editor I would recommend mirkes.de Tiny Hexer: http://www.softpedia...iny-hexer.shtml. Built for Windows and works under Linux/OSX with Wine.

To listen to the network and capture passwords, I have used this tool for a long time at my workplace: http://www.effetech.com/aps/

For private networking: http://www.remobo.com/

#6 Holmes.Sherlock

Holmes.Sherlock

    Gold Member

  • Team Reboot
  • 1444 posts
  • Location:Santa Barbara, California
  •  
    United States

Posted 30 July 2011 - 01:40 PM

@pscEx
May I ask you to consolidate & categorize the tools along with the links in the very first post for our quick reference? It'll come in handy as a checklist on September 29th.

#7 Icecube

Icecube

    Gold Member

  • Team Reboot
  • 1063 posts
  •  
    Belgium

Posted 30 August 2011 - 03:33 PM

CFF explorer can also be handy for viewing and editing Windows binaries (freeware in contrast to PE explorer):

Created by Daniel Pistelli, a freeware suite of tools including a PE editor called CFF Explorer and a process viewer. The PE editor has full support for PE32/64. Special fields description and modification (.NET supported), utilities, rebuilder, hex editor, import adder, signature scanner, signature manager, extension support, scripting, disassembler, dependency walker etc. First PE editor with support for .NET internal structures. Resource Editor (Windows Vista icons supported) capable of handling .NET manifest resources. The suite is available for x86, x64 and Itanium.

- Explorer Suite (Multi-Platform Version, Recommended)
- Explorer Suite (x86 Version)
- CFF Explorer (x86 Version, stand-alone, Zip Archive)

- CFF Explorer Extensions Repository

The CFF Explorer was designed to make PE editing as easy as possible, but without losing sight on the portable executable's internal structure. This application includes a series of tools which might help not only reverse engineers but also programmers. It offers a multi-file environment and a switchable interface.
Also, it's the first PE editor with full support for the .NET file format. With this tool you can easily edit metadata's fields and flags. If you're programming something that has to do with .NET metadata, you will need this tool. The resource viewer supports .NET image formats like icons, bitmaps, pngs. You'll be able to analyze .NET files without having to install the .NET framework, this tool has its own functions to access the .NET format.

Useful links:

- How to write a CFF Explorer Extension
- CFF Explorer Scripting Language Documentation (v2)
- CFF Explorer Scripting Language Documentation (v1)
- CFF Explorer Extensions Repository


Features:

  • Process Viewer
  • Drivers Viewer
  • Windows Viewer
  • PE and Memory Dumper
  • Full support for PE32/64
  • Special fields description and modification (.NET supported)
  • PE Utilities
  • PE Rebuilder (with Realigner, IT Binder, Reloc Remover, Strong Name Signature Remover, Image Base Changer)
  • View and modification of .NET internal structures
  • Resource Editor (full support for Windows Vista icons)
  • Support in the Resource Editor for .NET resources (dumpable as well)
  • Hex Editor
  • Import Adder
  • PE integrity checks
  • Extension support
  • Visual Studio Extensions Wizard
  • Powerful scripting language
  • Dependency Walker
  • Quick Disassembler (x86, x64, MSIL)
  • Name Unmangler
  • Extension support
  • File Scanner
  • Directory Scanner
  • Deep Scan method
  • Recursive Scan method
  • Multiple results
  • Report generation
  • Signatures Manager
  • Signatures Updater
  • Signatures Collisions Checker
  • Signatures Retriever





