D-CTF 2014 :: Exploit 400 :: Paranormal Activity

Posted on by and filed under D-CTF 2014.

####disclaimer: this CTF involved a lot of guessing, and please note that other challenges were of far lower quality. reader beware. To start this challenge, you had to solve Exploitation 300. 300 consisted of googling a public webapp vulnerability. Once you’ve got a shell as the web user, you’ll see e4.hint in the root dir…. Read more »

CSAW 2014 :: Exploitation 400 :: greenhornd.exe

Posted on by and filed under CSAW 2014.

[gfm] For this challenge, we’re given an `.exe` file and a server that it’s running on. Running strings on the binary, we see that there’s a lot of text in the program. It’s all instructions on how to get started with Windows exploitation. One block that is particularly interesting is: ~~~ VULNERABLE FUNCTION ——————- Send… Read more »

BaltCTF 2013 :: PPC 300 :: Positive

Posted on by and filed under BaltCTF 2013.

If you ncat into the server for this challenge, you’re given instructions on how to play a game. This game is a direct copy of lights out, a computer science challenge. You can provide a series of coordinates to toggle, and this will toggle all of the adjacent cells. The goal is to have the… Read more »

PHDays 2012 :: Misc 400

Posted on by and filed under PHDays 2012.

This was a fun challenge. We are given “I am lost” and a remote host to connect to. Connecting via netcat gives us Hi there! Stupid CAPTCHA: enter your name, user40319 Entering the username gives us a bunch of mazes in this format…

PoliCTF 2012 :: Grabbag 300

Posted on by and filed under PoliCTF 2012.

The challenge in this problem was pretty clearly JavaScript unpacking. There was an image in base64 format in the html file given, and thus there was also the possibility of a steganography challenge. Here’s the block we were given:

Hack.LU 2012 :: 5 Tux Bomb

Posted on by and filed under Hack.LU 2012.

At the beginning of this problem, we’re given a Windows binary(.exe). Running it gives some inane output about a username and product key. This is a clue that it could be a keygenme or something more difficult(but it isn’t, yay!) So, we open the executable up in IDA. Taking a quick look at the string… Read more »