VolgaCTF 2019 Qualifier – Blind

The VolgaCTF 2019 Qualifier (ctftime.org) took place from 29/03/2019, 15:00 UTC to 31/03/2019 15:00 UTC.

There has been a really interesting RSA crypto challenge called Blind, which I would like to share with you in this writeup.

The article is divided into the following sections:

Challenge description
What does the script do?
Blind RSA Signature
Retrieving the Flag

Continue reading “VolgaCTF 2019 Qualifier – Blind”

nullcon HackIM 2019 – babypwn

The nullcon HackIM 2019 CTF (ctftime.org) ran from 01/02/2019, 16:30 UTC to 03/02/2019 04:30 UTC.

I did the pwn challenge babypwn, which was really fun to do. The following article contains my writeup being divided into the following sections:

Challenge description
Security mechanisms and disassembly
Signedness vulnerabilitiy
Format string vulnerabilitiy
Final exploit

Continue reading “nullcon HackIM 2019 – babypwn”

HACKvent18 writeup

For the sixth time in a row now hacking-lab.com carried out the annual HACKvent. Each day from the 1st of december until the 24th a new challenge is published. I would have loved to spend more time on it, but time is a rare resource especially on the days before christmas 😉 After all I managed to solve 21 of 24 tasks:

Easy
Day 01: Just Another Bar Code
Day 02: Me
Day 03: Catch me
Day 04: pirating like in the 90ies
Day 05: OSINT 1
Day 06: Mondrian
Day 07: flappy.pl
Medium
Day 08: Advent Snail
Day 09: fake xmass balls
Day 10: >_ Run, Node, Run
Day 11: Crypt-o-Math 3.0
Day 12: SmartWishList
Day 13: flappy’s revenge
Day 14: power in the shell
Hard
Day 15: Watch Me
Day 16: Pay 100 Bitcoins
Day 17: Faster KEy Exchange
Day 18: Be Evil
Day 19: PromoCode
Day 20: I want to play a game
Day 21: muffinCTF (Day 1)
Day 22: muffinCTF (Day 2)
Day 23: muffinCTF (Day 3)
Final
Day 24: Take the red pill, take the blue pill

Continue reading “HACKvent18 writeup”

Hacky Easter 2018 writeup

As every year hacking-lab.com carried out the annual Hacky Easter event with 27 challenges. I could not spend as much time as I would have liked to on solving the challenges, but after all I managed to collect 25 of the 27 eggs and focused on this writeup.
Easy
01 Prison Break
02 Babylon
03 Pony Coder
04 Memeory
05 Sloppy & Paste (mobile)
06 Cooking for Hackers
07 Jigsaw
08 Disco Egg
09 Dial Trial (mobile)
Medium
10 Level Two
11 De Egg you must (not solved)
12 Patience (mobile)
13 Sagittarius…
14 Same same…
15 Manila greetings
16 git cloak –hard
17 Space Invaders
18 Egg Factory
Hard
19 Virtual Hen
20 Artist: No Name Yet (not solved)
21 Hot Dog
22 Block Jane
23 Rapbid Learning
24 ELF
Hidden
25 Hidden Egg #1
26 Hidden Egg #2
27 Hidden Egg #3

Continue reading “Hacky Easter 2018 writeup”

angstromCTF 2018 – writeup hellcode

The angstromCTF 2018 (ctftime.org) ran from 16/03/2018, 20:00 UTC to 23/03/2018 00:00 UTC.

As the description on ctftime.org states, the ctf is primarily geared towards high school students but with a very wide range of challenge difficulty.

There have been a lot of interesting challenges which have been fun to do. I decided to make a writeup for the pwn challenge hellcode.

Continue reading “angstromCTF 2018 – writeup hellcode”