nullcon HackIM 2019 – babypwn

The nullcon HackIM 2019 CTF (ctftime.org) ran from 01/02/2019, 16:30 UTC to 03/02/2019 04:30 UTC.

I did the pwn challenge babypwn, which was really fun to do. The following article contains my writeup being divided into the following sections:

Challenge description
Security mechanisms and disassembly
Signedness vulnerabilitiy
Format string vulnerabilitiy
Final exploit

Continue reading “nullcon HackIM 2019 – babypwn”

Google CTF 2018 (Quals) – writeup JS safe 2.0

The qualifications for the Google Capture The Flag 2018 (ctftime.org) ran from 23/06/2018, 00:00 UTC to 24/06/2018 23:59 UTC.

The CTF was worked out very well. There have been plenty of interesting and creative challenges.

This time I decided to focus on the category web and managed to solve the challenge JS safe 2.0, which was the easiest one of the web-challenges based on the amount of solves. Nevertheless it really took my some time to dodge all the pitfalls I stumbled upon while solving the challenge.

Continue reading “Google CTF 2018 (Quals) – writeup JS safe 2.0”

angstromCTF 2018 – writeup hellcode

The angstromCTF 2018 (ctftime.org) ran from 16/03/2018, 20:00 UTC to 23/03/2018 00:00 UTC.

As the description on ctftime.org states, the ctf is primarily geared towards high school students but with a very wide range of challenge difficulty.

There have been a lot of interesting challenges which have been fun to do. I decided to make a writeup for the pwn challenge hellcode.

Continue reading “angstromCTF 2018 – writeup hellcode”