ctf – Tunelko. Random (in)security.

CSAW. Red Team competition. «Babyrev»

Babyrev is reversing challenge on CSAW "Red team competition" where have to pass 99 rounds of input 4-digits code based on some check function. Main graph on IDA: Disassembly of check(): Dump of assembler code for function check: 0x0000000000400893 <+0>:…

CTF

Cybercamp 2018 quals: “Friend, where is my password?”

Intro As a frequently player on cybergames and ctf's this year wanted play on prequal of Cybercamp CTF 2018 organized by INCIBE. This allows me to take a snapshot of the maturity and quality of both platforms and challenges, apart from…

CTF

Cybercamp 2018 quals: «Oh my G0d!»

CTF

Cybercamp 2018 quals: «Unnecessary redundancy»

Intro

As a frequently player on cybergames and ctf’s this year wanted play on prequal of Cybercamp CTF 2018 organized by INCIBE. This allows me to take a snapshot of the maturity and quality of both platforms and challenges, apart from having a good time solving some problems (not always played as tunelko :))

CTF Wargame

BITSCTF – Tom and Jerry (50 points)

I have a little time to join on BITSCTF with my team defconUA and want to put some writeup on one of the task i was working. They give us a pcapng named 'Cat.pcapng'. Ok, challenge name is "Tom and…

CTF Wargame

n00bs CTF Labs by Infosec Institute – 2nd edition

Here another edition of n00bs infosec CTF. 13 Levels, i will add as soon as i can complete, so stay tuned and keep visiting this post. Remember first edition ?. Level 2 A simple calculator. Need to inject something that breaks…

CTF

n00bs CTF Labs by Infosec Institute

This time InfoSec Institute bring us the opportunity to learn a very basic concepts for n00bs on a CTF with 15 Levels. Level 1 Just browse the source and see the comment.  flag: infosec_flagis_welcome Level 2 Seems we…

CTF xmlrpc

CTF teaser Insomnihack 2015 [ynos – web100]

First, happy new year to all. This time we are going to see how to solve ynos task from the last weekend, Insomnihack 2015 teaser. Good work to the people behind the scenes :). This web task presents several vulnerabilites…

CTF NcN quals

MakeMeFeeWet^Hb [No cON Name 2014 CTF – QUALS]

This challenge has a a bit more complicated solution proceess and more fun to learn. We have a login page that stay inmmutable to our several injection attacks. The only weird thing is a comment on the source page, vim…

CTF NcN quals

WEBster [No cON Name 2014 CTF – QUALS]

This year "No cON Name Capture The Flag" quals had more than three challenges to compete for the final, so big thanks to organizers to extend last year limit. At now ( 09:27 am GMT+2 ), @DefCon-UA (dcua team) have…

CTF

Second NotSoSecure SQLiLab CTF

Dear fellow Hackers!, thanks for signing up for the 2nd SQLiLab CTF. The CTF is now on!. Before you go all out hacking the CTF, here are some rules of the engagement: 1. Strictly no brute-forcing. There is no need…

CTF

Mission 1 & Mission 2 Write-Ups – Security-BSides London

Hi all!. Last february i have participated on Security BSides Challenges, here: https://www.securitybsides.org.uk/challenge1.html https://www.securitybsides.org.uk/challenge2.html Yesterday @AlecRWaters contacts me to confirm that we get second position on both challenges. So got a ticket to this infosec conference. "Hi , I’m delighted to announce…

CTF Wargame

ASIS CTF – simple pcap «spcap» writeup

A simple task named spcap (simple pcap). We open it with wireshark and get the Statistics->Conversations. Some SSH, HTTP on it. Apply this filter on HTTP: ip.addr==172.16.133.133 && tcp.port==52694 && ip.addr==172.16.133.149 && tcp.port==80 We notice that if we follow TCP…

CTF Wargame

CTF Hack.lu: 20 – Nerd safe house (+100 pt) write-up

Mission This zombie apocalypse is a tough thing. Dozens of zombies are following you and looking forward to have a nice snack, when some fat guy appears. You outrun him easily, so eating all of him will keep the zombies…