├── README.md ├── files ├── DRM │ ├── DRM_server.tar.gz │ ├── Readme │ └── libchall_plugin.so ├── stage1 │ ├── build-imgs.py │ └── tshark-extract.sh ├── stage2 │ ├── A..Mazing.exe.c │ ├── A..Mazing.exe.h │ ├── chall │ │ ├── A..Mazing.exe │ │ ├── Readme.md │ │ ├── env.txt │ │ └── flag.jpg │ ├── exploit.py │ └── makeleak.py ├── stage3 │ ├── disas.py │ ├── guest-dump.c │ ├── guest-test.c │ ├── guest.so │ ├── guest.vm │ ├── interp-disas.py │ ├── interp-encrypt.py │ ├── interp-test.py │ ├── interp.txt │ ├── libchall_plugin.so.c │ └── libchall_plugin.so.h ├── stage4 │ ├── disas.py │ ├── disas.txt │ ├── prog.c │ ├── pw.bin │ ├── pwcheck.prog │ ├── rce.py │ ├── service.c │ ├── service.h │ ├── solvepw.py │ └── testprog.py └── stage5 │ ├── decrypt.py │ ├── exploit.c │ ├── poc1.c │ ├── poc2.c │ ├── poc3.c │ ├── poc4.c │ ├── shellcode.s │ ├── sstic.ko.c │ └── sstic.ko.h ├── images ├── stage1-001-wireshark.png ├── stage1-002-disk.png ├── stage1-003-flag.jpg ├── stage2-001-windbg.png ├── stage2-002-vlc.png ├── stage3-001-architecture.png ├── stage3-002-wbc.png ├── stage5-001-architecture.png ├── stage5-002-bademail.png └── stage5-003-email.png └── writeup.md /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/README.md -------------------------------------------------------------------------------- /files/DRM/DRM_server.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/DRM/DRM_server.tar.gz -------------------------------------------------------------------------------- /files/DRM/Readme: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/DRM/Readme -------------------------------------------------------------------------------- /files/DRM/libchall_plugin.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/DRM/libchall_plugin.so -------------------------------------------------------------------------------- /files/stage1/build-imgs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage1/build-imgs.py -------------------------------------------------------------------------------- /files/stage1/tshark-extract.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage1/tshark-extract.sh -------------------------------------------------------------------------------- /files/stage2/A..Mazing.exe.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/A..Mazing.exe.c -------------------------------------------------------------------------------- /files/stage2/A..Mazing.exe.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/A..Mazing.exe.h -------------------------------------------------------------------------------- /files/stage2/chall/A..Mazing.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/chall/A..Mazing.exe -------------------------------------------------------------------------------- /files/stage2/chall/Readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/chall/Readme.md -------------------------------------------------------------------------------- /files/stage2/chall/env.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/chall/env.txt -------------------------------------------------------------------------------- /files/stage2/chall/flag.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/chall/flag.jpg -------------------------------------------------------------------------------- /files/stage2/exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/exploit.py -------------------------------------------------------------------------------- /files/stage2/makeleak.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage2/makeleak.py -------------------------------------------------------------------------------- /files/stage3/disas.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/disas.py -------------------------------------------------------------------------------- /files/stage3/guest-dump.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/guest-dump.c -------------------------------------------------------------------------------- /files/stage3/guest-test.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/guest-test.c -------------------------------------------------------------------------------- /files/stage3/guest.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/guest.so -------------------------------------------------------------------------------- /files/stage3/guest.vm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/guest.vm -------------------------------------------------------------------------------- /files/stage3/interp-disas.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/interp-disas.py -------------------------------------------------------------------------------- /files/stage3/interp-encrypt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/interp-encrypt.py -------------------------------------------------------------------------------- /files/stage3/interp-test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/interp-test.py -------------------------------------------------------------------------------- /files/stage3/interp.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/interp.txt -------------------------------------------------------------------------------- /files/stage3/libchall_plugin.so.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/libchall_plugin.so.c -------------------------------------------------------------------------------- /files/stage3/libchall_plugin.so.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage3/libchall_plugin.so.h -------------------------------------------------------------------------------- /files/stage4/disas.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/disas.py -------------------------------------------------------------------------------- /files/stage4/disas.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/disas.txt -------------------------------------------------------------------------------- /files/stage4/prog.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/prog.c -------------------------------------------------------------------------------- /files/stage4/pw.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/pw.bin -------------------------------------------------------------------------------- /files/stage4/pwcheck.prog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/pwcheck.prog -------------------------------------------------------------------------------- /files/stage4/rce.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/rce.py -------------------------------------------------------------------------------- /files/stage4/service.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/service.c -------------------------------------------------------------------------------- /files/stage4/service.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/service.h -------------------------------------------------------------------------------- /files/stage4/solvepw.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/solvepw.py -------------------------------------------------------------------------------- /files/stage4/testprog.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage4/testprog.py -------------------------------------------------------------------------------- /files/stage5/decrypt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/decrypt.py -------------------------------------------------------------------------------- /files/stage5/exploit.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/exploit.c -------------------------------------------------------------------------------- /files/stage5/poc1.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/poc1.c -------------------------------------------------------------------------------- /files/stage5/poc2.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/poc2.c -------------------------------------------------------------------------------- /files/stage5/poc3.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/poc3.c -------------------------------------------------------------------------------- /files/stage5/poc4.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/poc4.c -------------------------------------------------------------------------------- /files/stage5/shellcode.s: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/shellcode.s -------------------------------------------------------------------------------- /files/stage5/sstic.ko.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/sstic.ko.c -------------------------------------------------------------------------------- /files/stage5/sstic.ko.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/files/stage5/sstic.ko.h -------------------------------------------------------------------------------- /images/stage1-001-wireshark.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage1-001-wireshark.png -------------------------------------------------------------------------------- /images/stage1-002-disk.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage1-002-disk.png -------------------------------------------------------------------------------- /images/stage1-003-flag.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage1-003-flag.jpg -------------------------------------------------------------------------------- /images/stage2-001-windbg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage2-001-windbg.png -------------------------------------------------------------------------------- /images/stage2-002-vlc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage2-002-vlc.png -------------------------------------------------------------------------------- /images/stage3-001-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage3-001-architecture.png -------------------------------------------------------------------------------- /images/stage3-002-wbc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage3-002-wbc.png -------------------------------------------------------------------------------- /images/stage5-001-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage5-001-architecture.png -------------------------------------------------------------------------------- /images/stage5-002-bademail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage5-002-bademail.png -------------------------------------------------------------------------------- /images/stage5-003-email.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/images/stage5-003-email.png -------------------------------------------------------------------------------- /writeup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nneonneo/sstic-2021/HEAD/writeup.md --------------------------------------------------------------------------------