TikTok - A tcache tutorial with our dear friend Ke$ha
April 23, 2020 | Pwn, Tcache, Ke$ha
PlaidCTF 2020 golf.so
April 22, 2020 | Misc Elf-metadata
The challenge description linked to golf.so.pwni.ng, which had a scoreboard, and an upload page with the following instructions:
Injecting into 32-bit programs on macOS Mojave
March 01, 2020 | Misc, Mac32
32-bit programs on macOS Mojave are probably the most obscure configuration for Mac software. Due to various changes in Mojave, previous resources to inject into 32-bit programs are no longer functional. There have been posts on injecting into 64-bit programs, but the 32-bit resources have not been updated. This post details our work on writing a library injection tool for 32-bit applications on macOS Mojave.
hxp 36C3 CTF - Compilerbot
December 28, 2019 | Misc
The server for this challenge accepts C source code and compiles it into an executable using Clang. Our objective is to recover the contents of the flag file, but our code is never executed. The server only tells us whether the compilation was successful and produced no warnings.
HITCON Qualification - GoGo PowerSQL
October 20, 2019 | Web
This was a CGI binary written in C which used libmysqlclient to query results given by the user, powered by the GoAhead embedded web server.
HITCON Qualification - LazyHouse
October 13, 2019 | Binary-exploitation
LazyHouse ended up being a 300 point pwn challenge from HITCON Quals 2019. It was a fairly straightforward menu-based heap binary, using libc version 2.29.
CSAW CTF Qualification - Pop Goes the Printer
September 15, 2019 | Binary-exploitation
Pop Goes the Printer was a 500 point pwn challenge from CSAW CTF Quals 2019. It was a fairly large binary framed as real printer software. The bugs felt accidental, and much of the code was irrelevant to the exploitation process, making it feel a lot more like a real-world target than a pwnable. RPISEC was the only solve for this challenge.
TokyoWesterns CTF 2019 - gnote
September 04, 2019 | Binary-exploitation
I found this challenge from TokyoWesterns CTF to be especially interesting and refreshing. The format is that of a standard Linux kernel challenge: we are provided with a kernel image, filesystem, and script to run everything under qemu. We have access to an unprivileged shell over ssh, and the flag is only readable by root. The author also provided source for the custom kernel module.
DEFCON CTF Quals 2019 Tania
May 13, 2019 | Reverse-engineering Crypto
‘Didn’t touch, check the rules.’ [cit.]
CSAW CTF Qualification - wtf.sql
September 18, 2018 | Web-exploitation
This challenge was from the CSAW Qualification round this year. It consisted of a forum-like application on a webserver written almost entirely in SQL. It was solved by zap, negasora and Hawkheart.