Python code audit of a firmware update - 34C3 CTF software_update (crypto) part 1/2

Channel:
United States LiveOverflow
Subscribers:
921,000
Published on ● Video Link: https://www.youtube.com/watch?v=Vgdhlh6evjI


Category:
Vlog
Duration: 12:48
51,642 views
1,123

This challenge from the 34C3 CTF implemented a software update in python. In part 1/2 we try to understand the code and think about possible attacks.

software_update: https://archive.aachen.ccc.de/34c3ctf.ccc.ac/challenges/index.html

What is CTF? https://www.youtube.com/watch?v=8ev9ZX9J45A
Why you should play CTFs: https://www.youtube.com/watch?v=rfjV8XukxO8


-=[ 🔴 Stuff I use ]=-

→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb

US Store Front:* https://www.amazon.com/shop/liveoverflow

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#Cryptography #CTF



Other Videos By LiveOverflow


2018-05-04Setup Private Server with Docker - Pwn Adventure 3
2018-04-27Let's Play/Hack - Pwn Adventure 3: Pwnie Island
2018-04-27[Live] 100.000 Subscriber
2018-04-20Custom Chromium Build to Reverse Engineer Pop-Under Trick
2018-04-13Sources and Sinks - Code Review Basics
2018-04-06The Secret step-by-step Guide to learn Hacking
2018-03-31Red vs. Blue: Pen-Testing Introduction
2018-03-30ey! Look for patterns
2018-03-23Fuzzing with radamsa - Short
2018-03-16Linear independence and GF(2) - 34C3 CTF software_update (crypto) part 2/2
2018-03-09Python code audit of a firmware update - 34C3 CTF software_update (crypto) part 1/2
2018-03-02Global variable Buffer Overflow to leak memory - 34C3 CTF readme_revenge (pwn)
2018-02-23CSS Keylogger - old is new again
2018-02-16STOP WASTING YOUR TIME AND LEARN MORE HACKING!
2018-02-10MMORPG Bot part 2 - Some thoughts on the data
2018-02-09MMORPG Bot Reverse Engineering and Tracking
2018-02-02heap0 exploit speedrun & weird ASCII string on the Heap - bin 0x28
2018-01-26Let’s play a game: what is the deadly bug here?
2018-01-19TROOPERS 17 Badge ft. BadgeWizard
2018-01-12Identifying UART and main() in an AVR firmware (ft. Zeta Two) part 1 - rhme2
2018-01-05Regular expression as Finite-state machine - Short


Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
firmware update
code audit
code review
crypto
ctf
challenge
capture the flag
software_update
cryptography
hashing
signature
rsa based
34c3ctf
34c3 ctf
python code
security audit
whitebox
bug hunting
public key
private key
signature check
signature verification
updater
invalid signature
pycrypto
sha
xor
xoring
pkcs1
pkcs1_pss