
Digital Overdose 2021 Autumn CTF

The Digital Overdose Community brings its second community CTF into existence. It is a 2-day jeopardy-style CTF spanning multiple categories such as Web, Pwn, OSINT, Crypto, Stego, etc. Source Analysis - Boris First things first We are given an ELF x86-64 binary; let’s execute it and see what happens. ┌──(kali㉿kali)-[~/ctf/digitaloverdose] └...


Cyber Apocalypse 2021

22 April is International Earth Day and guess what… The Earth was hacked by malicious extraterrestrials. Their ultimate plan is to seize control of our planet. It’s only you who can save us from this terrible fate.


CactusCon 2021 - CTF

PWN - TPS Report 1 The binary is a 32-bit ARM executable that allows creating, deleting and displaying “jobs”. Upon connecting we see that one job is already “cached” inside the application with an address and an epoch timestamp next to it. The “path” field of the job creation function is vulnerable to a format string bug. We can use it to d...


HackTheBox - Intense

Enumeration Nmap: # Nmap 7.80 scan initiated Sat Jul 11 17:54:15 2020 as: nmap -sC -sV -oN nmap 10.10.10.195 Nmap scan report for 10.10.10.195 Host is up (0.043s latency). Not shown: 998 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0) | ssh-hostkey: | 2048 b4:7b:bd:c...


HackTheBox - Multimaster

Foothold Webserver with /api/getColleagues SQL Injection with a WAF Bypass User Simple Data Exfil http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet https://blog.netspi.com/hacking-sql-server-stored-procedures-part-1-untrustworthy-databases/ https://blog.netspi.com/hacking-sql-server-...


SROP - Sigreturn Oriented Programming

A few months ago a colleague of mine created a simple buffer overflow challenge to teach others how to defeat ASLR. The program itself was written in assembly and consisted of only 3 syscalls, more or less: read, write and exit. The overflow was easy: there was no boundary check or anything, and you could simply write data to the stack. Since the ...


RITSEC CTF 2019 - CictroKDF

Description The flag is encrypted and then base64’d. Here it is: E2zVOQfaRwYoMiTapzA03RQJJmtq1KuHTCuWGdVo/+w= To decrypt it you will need to implement the amazing Key Derivation Function called CictroKDF (not to be confused with the well-known CictroHash). After a key has been derived you can use it with AES ECB mode to decrypt the flag. The ...


TAMUctf 19

Information CTF Name : TAMUctf 19 Website : tamuctf.com Type : Online Format : Jeopardy CTF Time : link 100 - Where am I? - Misc What is the name of the city where the server for tamuctf.com is located? Figure out the ip address dig ctf.tamu.edu search on shodan: 52.33.57.247 Flag: Boardman 306 - I heard you like fil...
