Vos

Author's details

Date registered: September 14, 2010

Latest posts

  1. CyBRICS 2020 Lite — July 20, 2020
  2. CyBRICS CTF 2019 — we’re making a full-fledged one! — July 13, 2019
  3. hack you ’17 :: easy CTF on Oct 8—14 — October 5, 2017
  4. hack you spb @ 17 Oct 2016 — October 15, 2016
  5. DEFCON CTF Survival Guide (2014) — September 5, 2015

Most commented posts

  1. RuCTFe rocks, iCTF is fine, rwthCTF are assholes — 14 comments
  2. IFSF CTF Small Challenges (#4, #5, #6, #14, #15) — 9 comments
  3. Defcon CTF Quals 2013 – All Web Challenges (3dub) — 5 comments
  4. Hack.lu 2010 CTF #17 (Brainfuck) writeup — 4 comments
  5. Defcon CTF Quals 2013 – \xff\xe4\xcc 4 (penser) — 4 comments

Author's posts listings

Feb
26

CodeGate 2012 Quals Vuln500 Write-up

1.234.41.7:22 ID : yesMan PWD : ohyeah123 Download vulnerable binary. Vuln500 was a hardened format-string vuln with ASLR, NX-stack, no-DTORs, RO .dynamic

Feb
26

CodeGate 2012 Quals Net400 Write-up

Because of vulnerability of site in Company A, database which contains user’s information was leaked. The file is dumped packet at the moment of attacking. Find the administrator’s account information which was leaked from the site. For reference, some parts of the packet was blind to XXXX. Answer : strupr(md5(database_name|table_name|decode(password_of_admin))) (‘|’is just a character) Download… Continue reading »

Feb
13

IFSF CTF #7 (X99) Write-up

this is one of their machines which have very sensitive informations , try to get for us the password 208.64.122.27 PORT : 3000 X99 carries a synthetic vulnerability that allows a char-by-char password bruteforce.

Feb
13

IFSF CTF Small Challenges (#4, #5, #6, #14, #15)

Contents #4 ER #5 Change #6 Call me #14 Seek me #15 Embedded docs

Feb
13

IFSF CTF #8 (X98) Write-up

we know it’s about some secret agents , but we need more than that 208.64.122.234 PORT 3000 X98 is a remote CTB task with a shell injection vuln.

Jan
21

HackIM 2012 Wormholing Write-up

Hey! This is the writeup on wormholing. Essentially, it allows you to score 1st place without solving any tasks :)

Aug
03

LeetMore at XSS Night Club

leetmore checking out vegas night clubs

Aug
03

Leet More at BlackHat’11

giving a talk about physical perimeter security

Aug
03

0day airplane terminal sploit (no disclosure)

Apr
28

Not a write-up.

Dec
05

Наши успехи на iCTF 2010 (схематично)

Oct
31

Hack.lu 2010 CTF #1 (Fun 300, Rock Lizard Spock) writeup

On the high seas, the nights get boring. Try to win the game against the captain! pirates.fluxfingers.net port 6565/tcp Let’s go & connect there: > nc pirates.fluxfingers.net 6565 /9j/4AAQSkZJRgABAQEAYABgAAD//gAJbWQ1d2luc//bAEMABQ MEBAQDBQQEBAUFBQYHDAgHBwcHDwsLCQwRDxISEQ8RERMWHBcT <…> EgWAYlOhQqadCpxQPCn4JDjQoVacgqCQ4dtCAY4+FChVJb7BVE A6fCnKIB0+FChSuX3C8XQPuhoUKFd+JM//Z The service gives us some base64 and waits 2 seconds for reply. Unbase64ing the data, we get this jpeg: There is no… Continue reading »

Oct
31

Hack.lu 2010 CTF #13 (My Cool Blog) writeup

Captain Rumbarrel is shocked because he found out that the filthy pirate Boozybold has stolen a whole shipment of rum! So Rumbarrel wants his revenge by hacking Boozybolds cool blog. Unfortunately he can not hack, so help him and get 250 gold coins! From main page of his cool blog, we get three main points:… Continue reading »

Oct
31

Hack.lu 2010 CTF #3, #11, #14 (Most Epic Challenges :) writeup

Task #3 – Like skies that are so blue Sometime even pirates have a lazy sunday… download 0.  1. Open in your favorite image editor (ms paint) 2. Do a fill: 3. Md5 of the original file is the answer: 032c49411912397eea2a7d906dab5f7e Task #11 – Ecrime Business Cap’n Bill Greasepalms wants to start an ecrime business.… Continue reading »

Oct
31

Hack.lu 2010 CTF #17 (Brainfuck) writeup

You found a backdoor on Captain Brainfuck’s webspace. Exploit it and read his secret file! The page only says ‘happy hacking’, so what would we be doing without its source… [source mirror] “Source” in fact is a zip archive with php code appended: PK <..zip binary trash..> <?php @ob_clean();$z=zip_open(__FILE__); eval($f=zip_entry_read(zip_read($z),1000));@ob_end_flush();?> It simply reads itself (the… Continue reading »

Older posts «

» Newer posts