CSAW 2013 :: Recon 100 :: ODIN

Posted on by and filed under CSAW 2013.

Being a common word, Google is not going to help us much. On the Official ISIS CSAW IRC channel, we find that there is an OP user snOwDIN. If we run /WHOIS on the user, we get a clue. [isis] |-INFO > snOwDIN [[email protected]] [isis] |-INFO > ircname : linkedin:chinesespies [isis] |-INFO > channels :… Read more »

CSAW 2013 :: Recon 100 :: Brandon Edwards

Posted on by and filed under CSAW 2013.

We start with a Google link https://www.google.com/search?&q=Brandon+Edwards where we quickly that his handle is DrRaid. If we add this to the search to simplify things, we find that he has some Twitter stuff, but that leads nowhere. Next we see a result for his GitHub https://github.com/drraid. We check his Public Activity https://github.com/drraid?tab=activity to find the Key in a… Read more »

CSAW 2013 :: Recon 100 :: historypeats

Posted on by and filed under CSAW 2013.

For this Recon, we start with the Google search https://www.google.com/search?&q=historypeats. This gives us some results. Checking the Twitter does not return much. We check the next result which is GitHub https://github.com/historypeats. We can check his history by clicking Public Activity https://github.com/historypeats?tab=activity. If we check his most recent Commit https://github.com/historypeats/putscan/commit/a31512af6e8f2ae76bce11c0bd363f899e3488d1, we find the key!

CSAW 2013 :: Recon 100 :: Kevin Chung

Posted on by and filed under CSAW 2013.

We start with a Google link https://www.google.com/search?&q=Kevin+Chung that leads us nowhere. Further investigation of his Judge page shows that he was a CSAW High School Forensics Finalist. This may be helpful to focus in on the correct Kevin Chung. We search “CSAW High School Forensics Finalist Kevin Chung” and the first result takes us to a page with… Read more »

CSAW 2013 :: Recon 100 :: Julian Cohen

Posted on by and filed under CSAW 2013.

Our clue takes us to https://www.google.com/search?&q=Julian+Cohen which starts our search. We quickly learn that Julian’s handle is HockeyInJune. We search again for that in Google and find some more results. This leads us to several of his accounts, one being the Wikipedia user http://en.wikipedia.org/wiki/User:HockeyInJune. There is a link to a website http://omnom.nom.co/ but this still does not have the key…. Read more »

CSAW CTF 2013

Posted on by and filed under Competitions.

When: BA2 210 from 8:00AM to 4:00PM HEC 101 from 4:30PM to 11:00PM on Sept 20th HEC 101 from 10:00AM to 10:00PM on Sept 21st CTF, the centerpiece of CSAW, celebrates the tenth anniversary of its illustrious history of inspiring undergraduates to learn more about computer security. CSAW’s challenges are uniquely designed to guide students… Read more »

29c3CTF 2012 :: Highandlow 100

Posted on by and filed under 29c3CTF 2012.

For this 29c3 CTF challenge, we are given a WAV. Upon first listening, one can hear DTMF tones, phone tones. There is still an abundance of high pitched noise too. First check with Audacity in the spectrogram:

29c3CTF 2012 :: Regexdb 100

Posted on by and filed under 29c3CTF 2012.

This challenge gave the description: Ever played Googlewhack? Well, this is a bit easier and gives you more power, enjoy. Googlewhack is when only one result comes up from two words being searched. In this case, they have their own database of strings and we can search to find something that returns only one result.

Hack.LU 2012 :: 23 Spambots

Posted on by and filed under Hack.LU 2012.

The trick here was to spot the vulnerability. The scripts loads html from a controlled webpage with @file_get_contents(). It then parses the html for forms with regex to solves a basic math problem, with unescaped eval(). Finally the page submits a post request to the controlled webpage with file_get_contents(). With that information determined from the… Read more »