{"id":23101163,"url":"https://github.com/carusel02/isc-first-level","last_synced_at":"2026-05-01T14:33:17.936Z","repository":{"id":223317699,"uuid":"728630391","full_name":"Carusel02/ISC-first-level","owner":"Carusel02","description":"ISC-tema1","archived":false,"fork":false,"pushed_at":"2023-12-07T15:45:45.000Z","size":777,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-03T21:18:09.529Z","etag":null,"topics":["ctf","flags","isc","linux"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Carusel02.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-12-07T10:59:43.000Z","updated_at":"2024-11-18T16:28:10.000Z","dependencies_parsed_at":"2024-02-19T16:46:59.515Z","dependency_job_id":null,"html_url":"https://github.com/Carusel02/ISC-first-level","commit_stats":null,"previous_names":["carusel02/isc-first-level"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Carusel02/ISC-first-level","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Carusel02%2FISC-first-level","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Carusel02%2FISC-first-level/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Carusel02%2FISC-first-level/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Carusel02%2FISC-first-level/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Carusel02","download_url":"https://codeload.github.com/Carusel02/ISC-first-level/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Carusel02%2FISC-first-level/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32501399,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-30T13:12:12.517Z","status":"online","status_checked_at":"2026-05-01T02:00:05.856Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","flags","isc","linux"],"created_at":"2024-12-16T23:50:31.789Z","updated_at":"2026-05-01T14:33:17.915Z","avatar_url":"https://github.com/Carusel02.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# README TEMA1 ISC\n### CRYPTO ATTACK\nRezolvare:\n1. `message.txt` contine un mesaj de tip json in base64 unde gasesti:\n    * `n`\n    * `e`\n    * `flag` (encriptat)\n2. la server se poate trimite un `mesaj codat in base64`, din\ncare se extrage flagul encriptat, iar serverul iti trimite\ninapoi fie mesajul \"the flag is valid\", fie `mesajul decriptat`\n3. pentru a obtine flagul decriptat, se foloseste `\"chosen\nRSA attack\"`\n4. ideea de baza consta in trimiterea `(flag ului criptat x nr criptat)`\npentru a primi inapoi mesajul decriptat sub forma `(flag x nr)`\n5. cum se stie nr initial, se poate afla cu usurinta flagul impartind \nraspunsul primit de la server la nr initial ales\n6. pentru usurinta, se modifica scriptul initial pentru a satisface toti pasii\n\nFlagul este: `SpeishFlag{AOXf0JYBUWteUxxTWO9gh7eb47xBPF9R}`\n\n### LINUX ACL\nRezolvare:\n1. te conectezi cu cheia ssh la server si se inspecteaza folderul\ndin `/usr/local/bin`\n2. se observa 3 scripturi:\n    * `janitor-coffe.sh` -\u003e se observa ca nu se poate rula\n    robot-sudo \n    * `janitor-vacuum.sh` -\u003e se observa ca se poate rula robot-sudo\n    folosind calea absoluta /usr/local/bin/vacuum-control\n    * `vacuum-control` -\u003e se observa ca se face o filtrare a utilizatorilor\n    dupa id\n3. cu comanda ls -al observam ca robot-sudo are alt owner si grup\n4. se inspecteaza cu `strings robot-sudo` si observam un configuration\nfile unde se afla 2 reguli:\n    * `allow roombax /usr/bin/askundete/b0ss-call`\n    * `allow janitor /usr/local/bin/vacuum-control`\n5. se inspecteaza cu `strings b0ss-call` si dam de urmatoarele informatii:\n    * `b72b3b726420bdc905b71005b1a67431` (pare un argument)\n    * Access denied! (daca nu se da argumentul de mai sus)\n    * I will contact you when I require your cleaning services, janitor!\n    * Congratulations, here's your flag: (se da argumentul corect)\n    * `cat /usr/lib/ziggy/damn/.my.flag` (se afla flagul)\n6. trebuie sa incercam sa rulam `b0ss-call` cu argumentul lung de mai \nsus\n7. `roombax` poate sa apeleze `b0ss-call`, iar janitor poate sa apeleze \n`vacuum-control`\n8. facem un script care sa apeleze b0ss-call cu arg si sa faca match pe\nnumele `vacuum-control`, pentru ca suntem janitor\n\nFlagul este: `SpeishFlag{yQI5ZR9F1pVIR7mzRtb3VQVTpRh4IUxU}`\n\n### BINARY EXPLOIT\nRezolvare:\n1. se inspecteaza executabilul cu ghidra unde se observa\nca vectorul ce contine numerele e plasat `relativ la stiva`\n2. exista astfel situatia in care se poate face un atac\nde tip overflow, adaugand `nr maxim de numere` (de tip uint) + `adresa lui win` \n(extrasa tot din ghidra) + `4 bytes` (old ebp) + `lucky number ul`\n3. se ruleaza pe server si se obtine flag ul corespunzator\n\nFlagul este: `SpeishFlag{JcaHUnSRHtdXP8UHnSfaX44QmcXvk1lb}`\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarusel02%2Fisc-first-level","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcarusel02%2Fisc-first-level","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarusel02%2Fisc-first-level/lists"}