The qualifications for the Google Capture The Flag 2018 (ctftime.org) ran from 23/06/2018, 00:00 UTC to 24/06/2018 23:59 UTC.
The CTF was worked out very well. There have been plenty of interesting and creative challenges.
This time I decided to focus on the category web and managed to solve the challenge JS safe 2.0, which was the easiest one of the web-challenges based on the amount of solves. Nevertheless it really took my some time to dodge all the pitfalls I stumbled upon while solving the challenge.
Continue reading “Google CTF 2018 (Quals) – writeup JS safe 2.0”
As every year hacking-lab.com carried out the annual Hacky Easter event with 27 challenges. I could not spend as much time as I would have liked to on solving the challenges, but after all I managed to collect 25 of the 27 eggs and focused on this writeup.
Continue reading “Hacky Easter 2018 writeup”
The RCTF 2018 (ctftime.org) ran from 19/05/2018, 09:00 UTC to 21/05/2018 08:59 UTC.
I wrote the following writeup for the crypto challenge cpushop.
Continue reading “RCTF 2018 – writeup cpushop”
The angstromCTF 2018 (ctftime.org) ran from 16/03/2018, 20:00 UTC to 23/03/2018 00:00 UTC.
As the description on ctftime.org states, the ctf is primarily geared towards high school students but with a very wide range of challenge difficulty.
There have been a lot of interesting challenges which have been fun to do. I decided to make a writeup for the pwn challenge hellcode.
Continue reading “angstromCTF 2018 – writeup hellcode”
In the last lab we focused on Misc and Stack Cookies. In this next to last lab some characteristics when dealing with C++ are introduced.
The lab contains only two levels:
Continue reading “RPISEC/MBE: writeup lab09 (C++)”
While the last lab introduced the subject of Heap Exploitation, this lab focuses on Misc and Stack Cookies.
The lab contains three levels again ranging from C to A:
Continue reading “RPISEC/MBE: writeup lab08 (Misc and Stack Cookies)”
The Texas A&M University CTF (ctftime.org) ran for over one week from 17/02/2018, 00:00 UTC to 26/02/2018 00:00 UTC. There have been a lot of challenges starting at a very easy difficulty.
I did the five pwn challenges ranging from 25 to 200 points:
–> pwn1 (25 pts)
–> pwn2 (50 pts)
–> pwn3 (75 pts)
–> pwn4 (125 pts)
–> pwn5 (200 pts)
Continue reading “TAMUctf 18 – writeup pwn1-5”
After we have introduced ASLR and ways to bypass it in the last writeup, we will expand our exploits to the Heap in this lab.
In this lab there are only two levels:
Continue reading “RPISEC/MBE: writeup lab07 (Heap Exploitation)”
The previous lab focused on the subject of return oriented programming in order to circumvent data execution prevention. The next lab described in this writeup introduces ASLR.
The single levels of this lab range from C to A:
Note: ASLR should be enabled by now.
Continue reading “RPISEC/MBE: writeup lab06 (ASLR)”
In the last writeup we used different format string vulnerabilites in order to exploit the provided binaries. This writeup continues with lab05 which introduces DEP and ROP.
As usual there are three levels ranging from C to A:
Continue reading “RPISEC/MBE: writeup lab05 (DEP and ROP)”