Tag:ctf

All the articles with the tag "ctf".

• Omegapoint CTF 2023 - Rev & Crypto - Operation XMAS

  Posted on:January 1, 2024 |  at 02:55 PM

  Reverse engineering ransomware disguised as a PDF to decrypt encrypted files not knowing the decrypton key.

• Omegapoint CTF 2023 - Crypto & REV - The Polar Express

  Posted on:January 1, 2024 |  at 02:55 PM

  Reverse engineering python 3.10 bytecode from __pycache__ files to extract secret key from public discord bot repository using know plaintext attack.

• Omegapoint CTF 2023 - MISC - Nohtyp Playground

  Posted on:January 1, 2024 |  at 02:55 PM

  Python jail with no globals and only eval in locals. We need to dig deeper into python to get the flag.

• Omegapoint advent CTF 2023

  Posted on:January 1, 2024 |  at 02:55 PM

  Awsome advent CTF with two new challenges every sunday. I came in 4th place with all challenges solved except one.

• Omegapoint CTF 2023 - Web - Elf Signal

  Posted on:January 1, 2024 |  at 02:55 PM

  Realtime XSS in a chatroom using websockets to retrive secret messages.

• Omegapoint CTF 2023 - Web - Old Christmas Greeting

  Posted on:January 1, 2024 |  at 02:55 PM

  Bypassing mysql library's input validation to exploit MySQL datatype comparison and retrive the flag.

• Omegapoint CTF 2023 - Web - Return of the Grinch

  Posted on:January 1, 2024 |  at 02:55 PM

  Bypassing javascript input validation to exploit javascript datatype comparison and buy the socks.

• Omegapoint CTF 2023 - Web & Rev - Cozy Christmas

  Posted on:January 1, 2024 |  at 02:55 PM

  Reverse engineering javascript obfuscation to find a secret message.

• Writeup for S2G Web Challenge - The Net Ninjas

  Posted on:December 15, 2023 |  at 11:54 PM

  Bypass input validation to create a stored XSS payload to force admin to approve our user using ping attribute.

• Writeup for PicoCTF - Here's a libc

  Posted on:December 15, 2023 |  at 11:15 PM

  Buffer overflow challenge where we need to leak libc address and call system("/bin/sh")

• Writeup for S2G Web Challenge - Fishy

  Posted on:December 15, 2023 |  at 11:15 PM

  Bypass input validation and using SQL time-based data exfiltration to get the flag.

• Writeup for Patriot CTF 23 - Pick your starter

  Posted on:December 10, 2023 |  at 12:04 AM

  Python Jinja2 template injection challenge with input validation bypass through URL parameters.