
Me And The Ctfs. - Programming - Nairaland


Me And The Ctfs. by olioxx(m): 3:51pm On Jan 27, 2022
Vulnerability Analysis and/or Capturing The Flag.
How is this done?
There are 3 ways which theoretically prove to be the easy ways (methods) to analyse binaries for bugs/vulnerabilities. These are: Fuzzing, Symbolic Execution and Dynamic Symbolic Execution.

*************************************
FUZZING:
Read more : https://en.m.wikipedia.org/wiki/Fuzzing

The fuzzing technique was originally developed by Barton Miller (https://scholar.google.com/citations?user=dywFuRMAAAAJ&hl=en)

Basic Concept of Fuzzing: This technique aims to generate inputs that explore all possible paths in a binary in the hope of finding one path that will cause the program to crash.

Crash. Why? Practically, a binary crash is the first step to finding bugs/vulnerabilities.

**************************************
SYMBOLIC EXECUTION :
Read more: https://en.m.wikipedia.org/wiki/Symbolic_execution

The symbolic execution technique aims to analyse a binary without executing it, using symbols instead of inputs/data.
A theorem prover is needed when dealing with solving paths in symbolic execution. A popular theorem prover is Z3 (https://en.m.wikipedia.org/wiki/Z3_Theorem_Prover)
There are certain limitations with the symbolic execution technique, and this birthed the rise of Dynamic Symbolic Execution.
One of the most popular Symbolic Execution tools, which luckily is also open source, is angr.

***************************************
DYNAMIC SYMBOLIC EXECUTION
The DSE technique is just like "using one stone to kill 2 birds".
The DSE technique bridges fuzzing and symbolic execution. Theoretically, DSE is the fastest and most efficient technique for spotting bug(s) or analysing a binary.

2 Likes
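The fuzzing loop the first post describes (generate inputs, keep the ones that reach new code, stop when something crashes), as an added example that is not part of the original post and not any tool the thread mentions. The target is a constructed toy record parser, `parse_records`, with a deliberate out-of-bounds read standing in for a native binary; the coverage points, seed input and mutation set are all assumptions made for this example.

```python
"""Minimal coverage-guided mutation fuzzer (added example) against a constructed
toy parser.  A crash here is a Python exception; on a real binary it would be a
SIGSEGV/SIGABRT caught by the fuzzer's harness."""
import random
from typing import Callable, List, Optional, Set, Tuple

COVERED: Set[str] = set()          # program points hit during one execution


def hit(point: str) -> None:
    """Manual instrumentation; a real fuzzer gets this from compiler/QEMU hooks."""
    COVERED.add(point)


def parse_records(data: bytes) -> List[bytes]:
    """Toy format (constructed): repeated [1-byte length][payload].
    Deliberate bug: a length byte that runs past the buffer is trusted, so the
    payload slice is short and payload[n - 1] reads out of range."""
    hit("enter")
    pos, out = 0, []
    while pos < len(data):
        n = data[pos]
        hit("record")
        if n == 0:
            hit("empty")
            pos += 1
            continue
        payload = data[pos + 1 : pos + 1 + n]
        if payload.startswith(b"\xff"):
            hit("marker")
            if payload[n - 1] == 0x00:      # IndexError when len(payload) < n
                hit("terminator")
        out.append(payload)
        pos += 1 + n
    return out


def run_target(target: Callable[[bytes], object], data: bytes) -> Tuple[Set[str], Optional[Exception]]:
    """Execute once; return the coverage reached and the exception if it crashed."""
    COVERED.clear()
    try:
        target(data)
    except Exception as exc:
        return set(COVERED), exc
    return set(COVERED), None


def mutate(data: bytes, rng: random.Random) -> bytes:
    """One random mutation: bit flip, byte overwrite, insertion, or deletion."""
    buf = bytearray(data) or bytearray(b"\x00")
    choice = rng.randrange(4)
    i = rng.randrange(len(buf))
    if choice == 0:
        buf[i] ^= 1 << rng.randrange(8)
    elif choice == 1:
        buf[i] = rng.randrange(256)
    elif choice == 2:
        buf.insert(i, rng.randrange(256))
    elif len(buf) > 1:
        del buf[i]
    return bytes(buf)


def fuzz(target: Callable[[bytes], object], seeds: List[bytes],
         max_iters: int = 5000, seed: int = 1) -> Optional[Tuple[bytes, Exception]]:
    """Coverage-guided loop: inputs that reach a new program point join the
    corpus and become parents; the first crashing input is returned."""
    rng = random.Random(seed)
    corpus = list(seeds)
    total_cov: Set[str] = set()
    for s in seeds:
        cov, exc = run_target(target, s)
        if exc:
            return s, exc
        total_cov |= cov
    for _ in range(max_iters):
        candidate = mutate(rng.choice(corpus), rng)
        cov, exc = run_target(target, candidate)
        if exc:
            return candidate, exc
        if cov - total_cov:              # new coverage: worth keeping as a parent
            total_cov |= cov
            corpus.append(candidate)
    return None


def crash_type(target: Callable[[bytes], object], data: bytes) -> Optional[str]:
    """Re-run one input and report the exception class, the first triage step."""
    _, exc = run_target(target, data)
    return type(exc).__name__ if exc else None


# Constructed seed: one 3-byte record starting with the 0xff marker, one 1-byte record.
SEEDS = [b"\x03\xffab\x00\x01x"]

if __name__ == "__main__":
    result = fuzz(parse_records, SEEDS)
    if result:
        data, exc = result
        print(f"crash: {type(exc).__name__} on input {data!r}")
```

The seed already reaches the marker branch, so the corpus is tiny and the crash falls out of a mutated length byte within a few hundred iterations; the interesting part for triage is `crash_type`, which re-runs the saved input on its own so the crash can be reproduced and minimised before anyone decides whether the bug is exploitable.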

Re: Me And The Ctfs. by olioxx(m): 9:07pm On Feb 02, 2022
SYSTEM SETUP & CONFIGURATIONS
Kali Linux and ParrotOS are the two most used Linux distributions for CTFs and finding bugs.
Virtual Machine Security:
The process of finding bugs can be tricky and it is always recommended to have a secure firewall, so I used pfSense. pfSense from Netgate is a secure firewall that protects a virtualized environment from the wild internet.
1st Image: pfSense image.
2nd Image: pfSense final configuration message.
Operating System for Hacks(Ethical):
After securing my virtualized environment, the next step is getting the OS. I chose Kali Linux (I downloaded the .ova file specific to VirtualBox). Setting up was a breeze; Offensive Security has made a lot of effort in simplifying the installation process.
3rd Image: Kali Linux starter screen
4th Image: Kali Linux Home Screen

1 Like

Re: Me And The Ctfs. by olioxx(m): 9:17pm On Feb 02, 2022
Kali prides itself as being an OS for hacks, thereby coming pre-installed with a lot of useful tools.
Testing Tools for Binaries:
In this case I tested for Python and C, which came pre-installed.
1st Image: C code for test purposes. After the code comes the compilation; gcc is really handy here.
2nd Image: Binary file from the compiled source file. At this point I knew that the Kali setup was successful; tools were all working.
3rd Image: Binary works as expected.

Next up will be to set up a virtualenv (Python) for symbolic execution of different binaries and playing around with some CTF challenges.

Re: Me And The Ctfs. by olioxx(m): 4:55pm On Feb 04, 2022
I now have my virtual environment activated. I made some mistakes with some commands, but now it has been fixed.
1st Image: Activated Virtual Environment.
2nd Image: The virtual environment will use Python 3.9.8. My Kali installation is Kali 2.4, which comes preinstalled with the most recent version of Python, so the venv will use all those dependencies and system-level dependencies like gcc (for C code). With Python added, I can also use pip for most installations, and I can use Python scripts for automation as well.
3rd Image: Angr script for the first CTF.
Disclaimer: I found this sample script on the internet.
The script will try to find what input will trigger the bug, since I want to find out the passcode from the binary. (From the previous C code, the passcode is 2022; let's see if that will be displayed.)
4th Image: Used pip to install Angr in the venv.

Re: Me And The Ctfs. by olioxx(m): 3:34am On Feb 06, 2022
1st Image: After running Angr against the script, the base address of the program is shown as well as the password.
2nd Image: Voilà, the password is shown. I CTF.
I decided to make a detour: I set up the popular Metasploitable VM, which is a vulnerable Linux server, to see what I can glean.
3rd Image: Metasploitable VM
4th Image: I was able to remotely access the server from Kali. The server + Kali all work in a LAN, so I hacked the IP address using the netdiscover command. I also activated some shell commands (script) to remotely reboot and shut down the server.

Re: Me And The Ctfs. by olioxx(m): 3:41pm On Feb 07, 2022
I finally downloaded the crackmes and the repository.
1st Image: Crackmes and a binary bomb file
2nd Image: The Angr CTF repo
3rd Image: Reverse engineering tasks involve a lot of repetition, and so having a file that aids automation is key. I always have a gdb configuration file to assist with debugging with GDB. I decided to use GDB in sync with Angr to get the full picture of the file. GDB will execute at root level while Angr will execute at venv level.
4th Image: (Optional) I created a file to store the list of flags captured. I stored this file in the Desktop folder for quick access.

Re: Me And The Ctfs. by olioxx(m): 9:01pm On Feb 07, 2022
1st Image: Starting now I'll need to get the strings in the crackme2 file. Strings is one of the best first steps in analysis. You will notice that this is an IOLI crackme challenge.
2nd Image: Next up is to know what the file format of the binary is. Guess correct; it is an ELF file.
3rd Image: Unfortunately GDB doesn't come pre-installed on Kali, so I had to install it.
4th Image: After a little debugging now comes the time to write the Angr script. The script shows two possible paths (or inputs) to crack the crackme.

1 Like

Re: Me And The Ctfs. by olioxx(m): 9:08pm On Feb 07, 2022
1st Image: Voilà, the two paths are shown and finally the correct path (or input) to crack the challenge.

1 Like 1 Share
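What the angr scripts in the Feb 04 post (recover the 2022 passcode from the test binary) and the Feb 07 posts (enumerate the paths through crackme2 and pick the winning one) are doing under the hood, as an added example that is neither angr nor the thread author's script. It is a toy symbolic executor over a hypothetical mini-bytecode constructed for this example: the passcode check is modelled as a byte-by-byte compare with early exit, every branch forks the symbolic state, the branch constraints are solved for concrete bytes, and the result is checked by concrete re-execution. It goes beyond the thread's single case in that it works for any passcode and lists every losing path as well as the winning one; all instruction names, the `State` fields and the helper functions are assumptions of this example.

```python
"""Toy symbolic executor (added example, not angr).  Hypothetical mini-bytecode:
  ("len", n, target)          jump to target if len(input) != n, else fall through
  ("cmp", idx, byte, target)  jump to target if input[idx] != byte, else fall through
  ("win",)                    success state (the binary's "Correct" branch)
  ("lose",)                   failure state (the binary's "Wrong" branch)"""
from collections import deque
from dataclasses import dataclass, field, replace
from typing import Dict, FrozenSet, List, Optional, Set, Tuple


def build_check(passcode: bytes) -> list:
    """Byte-by-byte compare with early exit, like a naive strcmp loop."""
    lose_pc = len(passcode) + 2                  # index of the trailing ("lose",)
    prog = [("len", len(passcode), lose_pc)]
    prog += [("cmp", i, b, lose_pc) for i, b in enumerate(passcode)]
    prog += [("win",), ("lose",)]
    return prog


@dataclass
class State:
    """One symbolic path: program counter plus the constraints collected so far."""
    pc: int
    length: Optional[int] = None                           # concrete length once known
    not_lengths: FrozenSet[int] = frozenset()              # lengths ruled out
    eq: Dict[int, int] = field(default_factory=dict)       # idx -> required byte
    ne: Dict[int, Set[int]] = field(default_factory=dict)  # idx -> forbidden bytes


def explore(prog: list) -> List[Tuple[str, State]]:
    """Breadth-first path exploration: fork at each branch, drop infeasible forks."""
    finished: List[Tuple[str, State]] = []
    work = deque([State(pc=0)])
    while work:
        s = work.popleft()
        ins = prog[s.pc]
        if ins[0] in ("win", "lose"):
            finished.append((ins[0], s))
        elif ins[0] == "len":
            _, n, target = ins
            if (s.length is None and n not in s.not_lengths) or s.length == n:
                work.append(replace(s, pc=s.pc + 1, length=n))            # len == n
            if s.length is None or s.length != n:
                work.append(replace(s, pc=target,
                                    not_lengths=s.not_lengths | {n}))     # len != n
        elif ins[0] == "cmp":
            _, idx, b, target = ins
            if s.eq.get(idx, b) == b and b not in s.ne.get(idx, set()):
                work.append(replace(s, pc=s.pc + 1, eq={**s.eq, idx: b}))  # input[idx] == b
            if s.eq.get(idx) != b:
                ne = {k: set(v) for k, v in s.ne.items()}
                ne.setdefault(idx, set()).add(b)
                work.append(replace(s, pc=target, ne=ne))                  # input[idx] != b
    return finished


def solve(s: State) -> bytes:
    """Pick concrete bytes satisfying one path's constraints.  Trivial here because
    the constraints are byte equalities; for real arithmetic angr hands this to Z3."""
    length = s.length
    if length is None:
        length = max(list(s.eq) + list(s.ne) + [-1]) + 1
        while length in s.not_lengths:
            length += 1
    out = bytearray(b"A" * length)
    for i in range(length):
        if i in s.eq:
            out[i] = s.eq[i]
        elif i in s.ne:
            out[i] = next(c for c in range(256) if c not in s.ne[i])
    return bytes(out)


def run(prog: list, data: bytes) -> str:
    """Concrete execution, used to confirm that a solved input really takes its path."""
    pc = 0
    while True:
        ins = prog[pc]
        if ins[0] in ("win", "lose"):
            return ins[0]
        if ins[0] == "len":
            pc = ins[2] if len(data) != ins[1] else pc + 1
        else:
            _, idx, b, target = ins
            pc = target if data[idx] != b else pc + 1


def find_input(passcode: bytes) -> bytes:
    """The analogue of angr's explore(find=win): an input that reaches 'win'."""
    for outcome, state in explore(build_check(passcode)):
        if outcome == "win":
            return solve(state)
    raise ValueError("no path reaches win")


def path_count(passcode: bytes) -> int:
    """Feasible paths: one length mismatch, one per early-exit mismatch, one win."""
    return len(explore(build_check(passcode)))


if __name__ == "__main__":
    prog = build_check(b"2022")
    for outcome, state in explore(prog):
        print(outcome, solve(state))
    print("recovered passcode:", find_input(b"2022"))
```

For the passcode `2022` the executor finds six paths (the length check, four early-exit mismatches, and the win) and `find_input` returns `b"2022"` without the solver ever seeing the constant directly; it only sees the constraints each compare left behind. The early-exit structure is what keeps the path count linear in the passcode length here; a binary with loops or nested conditions multiplies paths, which is the state explosion the first post alludes to and the reason angr prunes or merges states rather than enumerating them all.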

Re: Me And The Ctfs. by Hamzasaid(m): 6:26pm On Mar 31, 2022
let's connect bro
gat some ctfs we could learn and hone our skillz
Re: Me And The Ctfs. by olioxx(m): 9:37pm On Mar 31, 2022
Hamzasaid:
let's connect bro
gat some ctfs we could learn and hone our skillz
Drop your contact, lemme hook up.
Re: Me And The Ctfs. by LikeAking: 9:42pm On Mar 31, 2022
Nawa!
Re: Me And The Ctfs. by Hamzasaid(m): 1:39pm On Apr 03, 2022
olioxx:

Drop your contact, lemme hook up.
let's chat on whatsapp
"" 21CD6D315 """
decode hex grin grin grin

1 Like

Re: Me And The Ctfs. by Emm22(m): 4:39pm On Apr 03, 2022
I successfully used fern to hack my neighbor's wi-fi grin

1 Like 1 Share
