Since I needed to sign a document I thought about doing it with a Chinese paintbrush… Too bad my hand is not that steady, so just in case, I re-signed it with a common pen. Sadly I keep being forgetful, so I actually forgot where I left the two halves of the sigil I used …
Category: Writeups
Nov 13
Dobbertin Challenge 2012
The Dobbertin Challenge is issued every two years since 2006, in honor and memory of Prof. Hans Dobbertin. http://cryptochallenge.nds.rub.de:50080/ A simple JSON Web Service is provided, which processes PIN codes of users. A user can send his encrypted PIN to the Web Service, which decrypts and stores the PIN. The Web Service allows to use …
Nov 04
Hack.lu 2012 CTF Challenge #12 (500)
The famous zombie researcher “Donn Beach” almost created an immunization against the dipsomanie virus. This severe disease leads to the inability to defend against Zombies, later causes a complete loss of memory and finally turns you into one of them. Inexplicably Donn forgot where he put the license key for his centrifuge. Provide him a …
Oct 27
Hack.lu 2012 CTF Challenge #25 (200)
Heading up the steeple gave you and your companion a nice view over the outbreak situation in your city. But it also attracted a lot of unwanted attention. Zombies are surrounding your spot and are looking for an entrance to the building. You obviously need some bait to lure them away so you can flee …
Oct 26
Hack.lu 2012 CTF Challenge #3 (450)
3 – Zombies like PPTP Our intel shows us that the Zombies use a MS-PPTP like protocol and luckily we could intercept a challenge-response transmission of one of the Zombie outposts. The important thing for Zombies in this war is mass! Not only brain mass but their mass. So they built their PPTP protocol compatible …
Oct 25
Hack.lu 2012 CTF Challenge #17 (400)
17 – Zombieshop A new company offers a lot of anti zombie equipment to protect yourself. Unfortunately not everyone can buy the good stuff. Only privileged users may do so. We managed to create an account, but it is not privileged. Your mission is to buy “Anti zombie Spray”. zomboy53:killthezombies https://ctf.fluxfingers.net:2077/ Summary: bruteforce DES
Oct 25
Hack.lu 2012 CTF Challenge #14-15 (150+250)
14 – Safehouse It’s the middle of the night. Nothing but complete darkness and the moaing of approaching zombies surrounds you. You need to escape. Fast. There seems to be nothing to hide and nowhere to run. But then – a small dancing gleam appears while you are running through the blackness. Could it be? …
Oct 25
Hack.lu 2012 CTF Challenge #7 (200)
7 – python jail You are surrounded by zombies. You heard there’s a safe house nearby, but climbing fences is hard with a beer belly. Thank god, there’s another surviver over there. “Hey! Help me!”, you shout. He just laughs and shakes you off the fence. Asshole. Later, you see his dead body lying in …
Oct 25
Hack.lu 2012 CTF Challenge #4 (250)
4 – Reduced Security Agency Some of our guys broke into the Reduced Security Agency and stole the source of their highly secure login system. Unfortunately no one of them made it uninfected back and so we only have a part of the source. Now it’s your turn to break their system and login to …
May 13
Russian Spy in Santa Barbara
Last few months I have spent in Boston and recently had an opportunity to come to awesome Santa Barbara. Santa Barbara is a motherland not only of the longest (or one of the longest) an American television soap opera, which was very well known in Russia in 90s, but also University of California Santa Barbara (UCSB).
May 01
SIMD [250] (Pirating)
After examining some code retrieved by our operative we are unsure whether it was written by an evil genius or a google employee. We will let you decide. Summary: linux x64 binary, obfuscated xor
May 01
PlaidCTF 2012 – RSA [200] (Password Guessing)
We recently intercepted a plethora of robot transmissions but they are all encrypted with some strange scheme we just can’t quite figure out. Can you crack it? Summary: small public exponent: 3
May 01
PlaidCTF 2012 – Encryption Service [300] (Password Guessing)
We found the source code for this robot encryption service, except the key was redacted from it. The service is currently running at 23.21.15.166:4433 Summary: IV predict, byte-by-byte bruteforce
May 01
PlaidCTF 2012 – Nuclear Launch Detected [150] (Password Guessing)
Our spies intercepted communications and a file between 5 of the top 10 robo-generals and their nuclear bomb server. We must recover the final launch code from the 5 robo-general’s secret codes, so we can stop the detonation! Summary: Shamir’s Secret Sharing
May 01
PlaidCTF 2012 – Format [99] (Pwnables)
Up on a hill, far away, sits the robot king of old. While he was once great, he recently has seemed to just offer simple challenges. Vanquish him and bring honor to your team! Summary: rand guessing, format string exploitation