SSH : 208.64.122.235
guest:guest
Category: exploitation
Summary: format string bug, ASLR and NX
Feb 13
IFSF CTF 2012 #9 – X97
Feb 05
Gits 2012 #13
File was running at kimjongun.final2012.ghostintheshellcode.com : 2645
Summary: buffer overflow, reverse
Feb 05
Gits 2012 #12
File was running at gratis.final2012.ghostintheshellcode.com:3030
Summary: reverse, x64, filtering parameters error
Jan 30
Gits 2012 # – Crypto 400
Jan 30
Gits 2012 #14 Pwnable (300)
Jacked
file running at jacked.final2012.ghostintheshellcode.com:2121
Summary: weak random, BlackJack bot, format string
Jan 30
Gits 2012 #7 – Reversing (300)
Question: Fanatic
300 Points
Remeber the past. (Link)
Here we have a NES emulator written on javascript. ROM can easily be dumped from there.
Jan 30
Gits 2012 #5 – Forensics (400)
Question: VoxVeritas
400 Points
Find the secret passage. (File)
Jan 30
Gits 2012 #11 Packet (300)
Question: Noughts and crosses
300 Points
Solve the puzzle! tictactoe.final2012.ghostintheshellcode.com:9797
Jan 30
Gits 2012 #19 – Crypto 250
Question: SuperSecure
250 Points
Use your team name and generate a valid answer. (File)
Summary: xor-chained sha256 and sha512
Jan 27
MozillaCTF 2012 AwesomeCorp. Secured Ranges (300) Writeup
One evening, you decide to take a look at the website of Awesome Corp., a competitor which you suspect of reverse-engineering parts of your software and using these code pieces in their own product. Unfortunately, you got no proof, so you begin to investigate on your own.
Soon enough (insert random webhacking stuff here), you get access to an administrators inbox. It seems like they use a custom authentication system which manages access to internal resources like SVN servers and such. It is called ‘Secured Range’ and is in use since January 2011, as the logs state. All you manage to retrieve before an administrator throws you out of the system are two binaries of their login system:
AwsmCrp.PRKG-for-Secured-Ranges.exe
AwsmCrp.Auth-Token-Retrieval.exeThe first seems to update masterkeys every few months, the latter produces authentication tokens for the employees. Try to get hold of the system’s current master key to solve this challenge.
Category: reversing
Jan 26
MozillaCTF 2012 SecureFileLock (250) Writeup
This very secure locking mechanism encloses files and only gives them to you when you know the passphrase. Find it and you will have the flag.
Category: reversing
Summary: find out a xor cipher, use xortool to get the key
Jan 21
HackIM 2012 Wormholing Write-up
Hey! This is the writeup on wormholing.
Essentially, it allows you to score 1st place without solving any tasks :)
Jan 08
GitS 2012 Teaser AL’s Revenge
Category: reverse, crypto
Summary: LLVM bytecode with polynomial inversion
file