The challenge “Baseline test” was a great reverse engineering challenge with hard difficulty at the Hungarian Cyber Security Challenge 2020 CTF Qualifiers hosted by the National Cyber-Security Center of Hungary on the platform Avatao Next.
Answer some simple questions.
The baseline test is an examination designed to measure any emotional deviance. In addition to the original test, this one has a second part to challenge rationality. Answer every question to fetch the flag.
Accessing the challenge was provided by SSH (cmdline was included in the challenge description), and in the container there was a SUID binary called “test” what was actually the challenge. …
Installing an unsigned iOS app (what is the prerequisite of jailbreaking) using Linux with (semi-)legitimate tools.
Consider the following situation: we have a factory-installed iOS device (iPhone 5S here) with a recent iOS version (12.4.8) and we want to jailbreak it. We have a Linux desktop (Arch Linux in the following guide), a lightning cable for the iPhone device, but nothing more. For example, we have no genuine Apple hardware installed with macOS.
Recently I have lost an important phone number accidentally as a consequence of wiping the data partition of my Android device (due to an OS upgrade migrating from the official but unsupported LineageOS branch to my unofficial but up-to-date supported LineageOS builds). All of the data were backed up, but unfortunately, this one phone number was not, and it was important. So I had to recover it somehow.
Because the wiped data partition was encrypted and the encryption keys were lost, any forensics jobs on the wiped partition would have been extremely hard or almost impossible.
Where else could we find that number? It seems obvious to get it from the mobile network operator since they quite certainly log everything. Luckily, the (free) “electronic call detailing” service was enabled in my subscription profile, so I had the chance to get details of historic calls easily, online, accessing my historic invoices. …