Defcon 2020 Red Team CTF - Seeding Part 1 & 2 Last month was Defcon and with it came the usual rounds of competitions and CTFs. With work and family I didn't have a ton of time to dedicate to the Defcon CTF so I decided to check out the Red Team [...]
Last weekend I participated in the 2018 Metasploit Community CTF. It was a nice break from the Jeopardy style, exploitation heavy CTFs I tend to play in. The setup included two vulnerable VMs, 1 windows, 1 linux ( with a bunch of dockers), and one Kali attack VM. This was the first Metasploit CTF [...]
Flare-On 4 Challenge 11 Writeup For the last several weeks, I've been working through this year's Flare-On competition put on by FireEye. There was a broad range of challenges across various technologies with varying degrees of difficulty. I got to try out a few new tools and really enjoyed working through [...]
DIVIDED A little over a month ago, LegitBS held the qualifier for this year's DEF CON CTF. As the competition was nearing a close, the organizers released an atypical pwnable challenge, a Windows binary. There are only a handful of CTFs that tend to release Windows exploitation challenges and there is minimal [...]
This past week I had a few moments to play the EKOPARTY CTF with Samurai and it was alot of fun. This post will detail some of the solutions for the ones I helped solve as well as a couple others I finished after the fact. The organizers did a good job providing a [...]
A few weeks ago I heard about the annual hacking challenge put on by MWR InfoSecurity called Hackfu. I was about a month late to the game but figured I'd give it a go to see how many I could get. The competition consisted of 10 challenges interleaved into an interesting storyline [...]
As of late, I haven't had the opportunity to get any CTF write-ups posted on my blog. Part of the reason is because I've begun playing with a much larger team and I'm finding myself with lots of half solutions as I attack problems with groups of people. This would [...]
After having played the EKOParty pre-CTF a few week backs, I decided to take a quick look at what the conference CTF finals looked like. Unlike the pre-CTF, the finals CTF only ran for a couple of days rather than a whole week. I thought I'd warm up a little [...]
I decided to spend some time on this challenge given my little ruby experience; figured I could learn a thing or two. The source for the challenge showed that the logic consisted of two real stages. The user input was first checked for size and content. It was then passed to the eval command, [...]
The first thing I noticed about this pwnable challenge is that no source code was provided.... Uh oh. Connecting to the service returns <Simple loop greetings v1.3.3.7> [!] Type bye to quit Enter your name: The binary appears to take in your name and then tell you Hi. [...]
