For many people this was their first time doing any binary exploitation or reverse engineering. Kudos to those of you who showed up and put an honest effort into trying to solve these problems. They can be very intimidating and difficult to approach if you are not sure where to start. We have several resources available which may help fill in the gaps in your knowledge. I think that this article (A fundamental introduction to x86 assembly programming) will be really helpful to you guys in gaining some situational awareness as to what is going on in the debugger. If you want to dive deeper, beginners.re is a comprehensive, free book on reverse engineering that I still need to crack into, but have heard many good things about.
Narnia0 had an interesting twist on a traditional buffer overflow attack. There was a control flow we could alter to invoke an interactive shell, but traditional ways of piping payloads to a binary did not work. I talked a little bit more about why that was happening here.
We are going to try and extend the hours of the CTF next time from 5-11. No one is expected to stay the whole time; we will post a detailed syllabus and recap so that people who miss meetups will be able to keep up with the rest of the group.
Here is the rough schedule I have in mind for next time. Keep in mind that things will change, or we may spend more time discussing specific concepts.
5-7 PM (Free Time/Setup) - If some of you guys are itching for a challenge, try and complete the Narnia series by this time. We can go over them informally.
7-8 PM - Brief review of Crackme 2/3 (Try to have them finished by then; feel free to ping me in Slack if you need some help or pointers)
8-11 PM - Work through additional Crackmes