D-CTF 2014 :: Exploit 400 :: Paranormal Activity

Posted on by and filed under D-CTF 2014.

####disclaimer: this CTF involved a lot of guessing, and please note that other challenges were of far lower quality. reader beware. To start this challenge, you had to solve Exploitation 300. 300 consisted of googling a public webapp vulnerability. Once you’ve got a shell as the web user, you’ll see e4.hint in the root dir…. Read more »

CSAW 2014 :: Exploitation 400 :: greenhornd.exe

Posted on by and filed under CSAW 2014.

[gfm] For this challenge, we’re given an .exe file and a server that it’s running on. Running strings on the binary, we see that there’s a lot of text in the program. It’s all instructions on how to get started with Windows exploitation. One block that is particularly interesting is: ~~~ VULNERABLE FUNCTION ——————- Send… Read more »

BaltCTF 2013 :: PPC 300 :: Positive

Posted on by and filed under BaltCTF 2013.

If you ncat into the server for this challenge, you’re given instructions on how to play a game. This game is a direct copy of lights out, a computer science challenge. You can provide a series of coordinates to toggle, and this will toggle all of the adjacent cells. The goal is to have the… Read more »

PHDays 2012 :: Misc 400

Posted on by and filed under PHDays 2012.

This was a fun challenge. We are given “I am lost” and a remote host to connect to. Connecting via netcat gives us Entering the username gives us a bunch of mazes in this format…

PoliCTF 2012 :: Grabbag 300

Posted on by and filed under PoliCTF 2012.

The challenge in this problem was pretty clearly¬†JavaScript¬†unpacking. There was an image in base64 format in the html file given, and thus there was also the possibility of a steganography challenge. Here’s the block we were given:

Hack.LU 2012 :: 5 Tux Bomb

Posted on by and filed under Hack.LU 2012.

At the beginning of this problem, we’re given a Windows binary(.exe). Running it gives some inane output about a username and product key. This is a clue that it could be a keygenme or something more difficult(but it isn’t, yay!) So, we open the executable up in IDA. Taking a quick look at the string… Read more »