[HOME] > PC-UNIX Tips > CTF Tools
Updated:
PC-UNIX Tips
初めて参加した SECCON2018。サービス問題1問だけ運良く解きました (^_^;; あとは撃沈... 今後に向けて揃えておくべきツールや各種情報を自分用にまとめておきます。
Checksec is a bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source).
![[商品価格に関しましては、リンクが作成された時点と現時点で情報が変更されている場合がございます。]](https://hbb.afl.rakuten.co.jp/hgb/2aa16679.78c78f32.2aa1667a.0daa0a9a/?me_id=1278256&item_id=15086406&pc=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Frakutenkobo-ebooks%2Fcabinet%2F3615%2F2000003793615.jpg%3F_ex%3D240x240&s=240x240&t=picttext "[商品価格に関しましては、リンクが作成された時点と現時点で情報が変更されている場合がございます。]")
% checksec.sh/checksec a.out
GDB, the GNU Project debugger, allows you to see what is going on `inside' another program while it executes -- or what another program was doing at the moment it crashed.
% cat > ~/.gdbinit
set disassembly-flavor intel
% gdb -q a.out
PEDA - Python Exploit Development Assistance for GDB
% cat > ~/.gdbinit
source ~/peda/peda.py
% gdb -q a.out
...
gdb-peda$
objdump displays information about one or more object files.
% objdump -M Intel -d a.out
trace system calls and signals
% strace a.out
ltrace intercepts and records dynamic library calls which are called by an executed process and the signals received by that process. It can also intercept and print the system calls executed by the program.
% ltrace a.out
The utilities od and hexdump output octal, hex, or otherwise encoded bytes from a file or stream.
% hexdump -C filename
Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.
from pwn import *
IDA is the Interactive DisAssembler: the world's smartest and most feature-full disassembler, which many software security specialists are familiar with.
Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
% binwalk -e hoge.pdf
Foremost is a console program to recover files based on their headers, footers, and internal data structures.
% foremost hoge.pdf
使いやすさと高機能を両立した最強の新・定番バイナリエディタ
GHex allows the user to load data from any file, view and edit it in either hex or ascii.
マルウェア解析やデジタル・フォレンジックにも活用可能
ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files.
TweakPNG is a low-level utility for examining and modifying PNG image files.
強力なQRコードデコーダ
% ./sqrd qr.txt
sample_data
PC-UNIX Tips
Written by kabada![[商品価格に関しましては、リンクが作成された時点と現時点で情報が変更されている場合がございます。]](https://hbb.afl.rakuten.co.jp/hgb/2aa16679.78c78f32.2aa1667a.0daa0a9a/?me_id=1278256&item_id=16638918&pc=https%3A%2F%2Fthumbnail.image.rakuten.co.jp%2F%400_mall%2Frakutenkobo-ebooks%2Fcabinet%2F3715%2F2000005393715.jpg%3F_ex%3D240x240&s=240x240&t=picttext "[商品価格に関しましては、リンクが作成された時点と現時点で情報が変更されている場合がございます。]")