img path update

D-C4ptain · D-C4ptain · commit b06d85cb29cc · 2025-01-14T09:41:21.000-05:00
diff --git a/_posts/2024-11-15-P3rf3ctr00t CTF 2024.md b/_posts/2024-11-15-P3rf3ctr00t CTF 2024.md
@@ -7,15 +7,15 @@ tags: [P3rf3ctr00t CTF, Perfectroot CTF, reverse engineering, jeopardy, Capture
 ---
 
 
-![image.png](/assets/img/posts/ctf/perfectrootctf/image.png)
+![image.png](/assets/img/posts/ctf/perfectrootctf24/image.png)
 
 As part of our engagement in the [P3rf3ctr00t](https://perfectroot.wiki/) CTF, [Fr334aks-mini](https://www.linkedin.com/company/83010158/) showcased remarkable teamwork and determination, achieving 5th place overall, while our second team secured 26th position. This competition presented diverse challenges that tested our problem-solving skills across multiple domains, sharpening our technical expertise and teamwork.
 
-![pfrootresults.png](/assets/img/posts/ctf/perfectrootctf/pfrootresults.png)
+![pfrootresults.png](/assets/img/posts/ctf/perfectrootctf24/pfrootresults.png)
 
 Team B
 
-![pfrootresultsb.png](/assets/img/posts/ctf/perfectrootctf/pfrootresultsb.png)
+![pfrootresultsb.png](/assets/img/posts/ctf/perfectrootctf24/pfrootresultsb.png)
 
 In this write-up, I will delve into some of the challenges I tackled in OSINT, Reverse Engineering, Forensics, and Steganography. These categories not only highlight the breadth of the competition but also underline the strategic approaches and methodologies I employed to solve them. Each challenge provided unique insights and opportunities for growth, contributing to our overall success.
 
@@ -24,7 +24,7 @@ Let’s explore the challenges and my journey through these fascinating categori
 ## OSINT
 ### Adversary Within - Part 1
 
-![oaw1.png](/assets/img/posts/ctf/perfectrootctf/oaw1.png)
+![oaw1.png](/assets/img/posts/ctf/perfectrootctf24/oaw1.png)
 
 From the description, this was definitely referring to Active Directory. 
 
@@ -37,22 +37,22 @@ At first I thought of ACLs but then looking around with a team mate([jnmunene](h
 ## Steg
 ### Mayday Mayday
 
-![stegmay.png](/assets/img/posts/ctf/perfectrootctf/stegmay.png)
+![stegmay.png](/assets/img/posts/ctf/perfectrootctf24/stegmay.png)
 
 We are given a .wav file. What came into my mind was morse code for some reason(may be it’s the description).
 
 Using [this site](https://morsefm.com/) I got the flag quite easily.
 
 (had to use this in Chromium browser - Firefox probably doesn’t like morse)
 
-![mayday1.png](/assets/img/posts/ctf/perfectrootctf/mayday1.png)
+![mayday1.png](/assets/img/posts/ctf/perfectrootctf24/mayday1.png)
 
 `r00t{J@M35_007_B0ND_2OO9}`
 
 ## Forensics
 ### Code Mirage
 
-![fcode.png](/assets/img/posts/ctf/perfectrootctf/fcode.png)
+![fcode.png](/assets/img/posts/ctf/perfectrootctf24/fcode.png)
 
 Just a heads up, I **blooded** this challenge! 
 
@@ -107,29 +107,29 @@ The author explained it well here - [P3rf3ctr00tCTF](https://k4p3re.github.io/po
 ## Rev
 ### Pores
 
-![rpores.png](/assets/img/posts/ctf/perfectrootctf/rpores.png)
+![rpores.png](/assets/img/posts/ctf/perfectrootctf24/rpores.png)
 
 Just started learning reverse engineering so, I may not know what I am doing but I am good at it.
 
 Looking at the file type revealed that it was an unstripped(has debug information) elf
 
-![poreshot3.png](/assets/img/posts/ctf/perfectrootctf/poreshot3.png)
+![poreshot3.png](/assets/img/posts/ctf/perfectrootctf24/poreshot3.png)
 
 I then checked out for any readable strings within the file with the strings command
 
-![poreshot4.png](/assets/img/posts/ctf/perfectrootctf/poreshot4.png)
+![poreshot4.png](/assets/img/posts/ctf/perfectrootctf24/poreshot4.png)
 
 Making the file executable with `chmod +x poresssss` then running it `./poresssss` gave no output. 
 
 What just happened! Ever downloaded a random game online and installed it locally. While playing you get to see random pop ups that disappear in a sec? that’s what it feels running a binary and there’s no nothing.
 
-![surprise.webp](/assets/img/posts/ctf/perfectrootctf/surprise.webp)
+![surprise.webp](/assets/img/posts/ctf/perfectrootctf24/surprise.webp)
 
 ### Ghidra’s take:
 
 The main functions is empty and does not seem to call any other function, especially the printFlag function which is why we are here in the first place!
 
-![poreshot6.png](/assets/img/posts/ctf/perfectrootctf/poreshot6.png)
+![poreshot6.png](/assets/img/posts/ctf/perfectrootctf24/poreshot6.png)
 
 The function `printFlag` takes two parameters:
 
@@ -140,19 +140,19 @@ The function `printFlag` takes two parameters:
 
 Together, these parameters allow the function to decode and print data stored in a memory block, treating each element as an encoded value to be broken down into individual characters.
 
-![poreshot7.png](/assets/img/posts/ctf/perfectrootctf/poreshot7.png)
+![poreshot7.png](/assets/img/posts/ctf/perfectrootctf24/poreshot7.png)
 
 Let’s check with GDB
 
-![investigate.webp](/assets/img/posts/ctf/perfectrootctf/investigate.webp)
+![investigate.webp](/assets/img/posts/ctf/perfectrootctf24/investigate.webp)
 
 ### GDB’s take:
 
 I opened the file in gdb and set a breakpoint at the main function.
 
 Running the program and disassembling the main function:
 
-![poreshot5.png](/assets/img/posts/ctf/perfectrootctf/poreshot5.png)
+![poreshot5.png](/assets/img/posts/ctf/perfectrootctf24/poreshot5.png)
 
 Seems there is a flag stored at address `0x555555558040`. 
 
@@ -164,7 +164,7 @@ Thus, the program never proceeds to execute `printFlag`.
 
 Using the `layout asm` I jumped around addresses looking at the contents of the addresses.
 
-![poresshot.png](/assets/img/posts/ctf/perfectrootctf/poresshot.png)
+![poresshot.png](/assets/img/posts/ctf/perfectrootctf24/poresshot.png)
 
 We will use gdb's `call` command to directly execute the `printFlag` function from its starting point.
 
@@ -174,7 +174,7 @@ Additionally, remember to provide the required two arguments(as we saw with ghid
 
 the address of the flag (`0x555555558040`) and `8`, which specifies the number of 8-byte blocks the data contains.
 
-![poreshot2.png](/assets/img/posts/ctf/perfectrootctf/poreshot2.png)
+![poreshot2.png](/assets/img/posts/ctf/perfectrootctf24/poreshot2.png)
 
 `r00t{p4tch_th3_bin_and_h4ve_fun}`
 
@@ -184,4 +184,4 @@ Till next time, cheers!
 
 And remember, there are many ways of killing a rat!
 
-![jerry.webp](/assets/img/posts/ctf/perfectrootctf/jerry.webp)
+![jerry.webp](/assets/img/posts/ctf/perfectrootctf24/jerry.webp)
