admin
100. iip
http://lights-out-ctf.ghost.io/ructf-quals-2014-admn-100-iip/
200. Troubleshooting
http://tasteless.se/2014/03/ructf-quals-2014-for200-and-admin200-writeup/
300. Strange image
400. Compile
crypto
100. MD5
http://xrekkusu.hatenablog.jp/entry/2014/03/11/214753
200. Mary Queen
http://quangntenemy.blogspot.in/2014/03/ructf-quals-2014.html
http://xrekkusu.hatenablog.jp/entry/2014/03/11/224338
300. TLS
http://blog.dragonsector.pl/2014/03/ructf-2014-quals-tls-crypto-300.html
400. RuCTFCoin
500. Decrypt message
https://rdot.org/forum/showthread.php?t=3053&langid=1
forensics
100. Secret host
http://peterpen-ctf.net/?p=915
http://ctfwriteups.blogspot.in/2014/03/ructf-2014-quals-forensics-100-secret.html
200. Nosql
http://tasteless.se/2014/03/ructf-quals-2014-for200-and-admin200-writeup/
http://akaminsky.net/ructf-2014-forensics-200-nosql/
300. Secure data storage
400. So close
http://peterpen-ctf.net/?p=899
hardware
100. IR dump
200. hw_reverse
300. ADC
400. Microcontroller
https://stratum0.org/blog/posts/2014/03/11/ructf-quals-2014-microcontroller/
misc
100. Shredder
http://nullify-ctf.blogspot.in/2014/03/ructf-quals-misc-100-shredder-writeup.html
200. RuCTF radio
http://ctfwriteups.blogspot.in/2014/03/ructf-2014-quals-misc-100-shredder-misc.html
300. Bluetooth
http://blackcon.tistory.com/97
500. GSM
http://piggybird.net/2014/03/ructf-2014-quals-misc-500-gsm-writeup/
ppc
200. Maze
http://nullify-ctf.blogspot.in/2014/03/ructf-quals-2014-ppc-200-maze.html
300. Secret string
400. Minesweeper
recon
100. Favourite book
http://onthesystemsoftheworld.blogspot.in/2014/03/ructf-2014-qualifiers-recon-100300400.html
200. Stolen camera
300. Get the message
http://tasteless.se/2014/03/ructf-quals-2014-vuln100-and-recon300-writeup/
400. Landlord
http://onthesystemsoftheworld.blogspot.in/2014/03/ructf-2014-qualifiers-recon-100300400.html
500. The Card
reverse
10. Harm
100. Bad lib
200. No harm
300. Erl
400. PIN code
500. Arcfour
http://piggybird.net/2014/03/ructf-2014-quals-reverse-500-arcfour/
stegano
100. Cat's eye
http://nullify-ctf.blogspot.in/2014/03/ructf-quals-2014-stegano-100-cats-eye.html
200. HP
https://stratum0.org/blog/posts/2014/03/10/ructf-quals-2014-HP/
300. Nyan-task
400. Pixel video
vuln
100. Guess the flag
http://tasteless.se/2014/03/ructf-quals-2014-vuln100-and-recon300-writeup/
http://blog.0xdeffbeef.com/2014/03/ructf-quals-2014-guess-flag-vuln-100.html
200. Log aggregator
http://v0ids3curity.blogspot.in/2014/03/ructf-quals-2014-aggregator-vuln-200.html
300. Posts
400. Quest server
500. Sample mixer
web
100. php
http://nullify-ctf.blogspot.in/2014/03/ructf-quals-2014-web-100-php.html
200. es
http://tasteless.se/2014/03/ructf-quals-2014-web100-and-web200-writeup/
https://hackucf.org/blog/web-200-2/
300. Messengerrr
http://mage-ctf-writeup.blogspot.jp/2014/03/ructf-quals-2014-web300.html
400. irRSA
https://rdot.org/forum/showthread.php?t=3053&langid=1
500. Secritter
Other interesting links:
http://shell-storm.org/repo/CTF/RuCTF-quals-2014/
https://github.com/HackerDom
https://github.com/zed-0xff/ctf/tree/master/2014.ructf-quals
Sunday, March 16, 2014
Monday, January 27, 2014
GiTS CTF 2014 Quals writeups collection
Trivia
lugkist
http://tasteless.se/2014/01/gits-2014-lugkist-trivia-150/
http://commandlinewani.blogspot.in/2014/01/ghostintheshellcode-write-up-lugkist.html
inview
http://digitaloperatives.blogspot.in/2014/01/ghost-in-shellcode-2014-trivia-150.html
Crypto
Dogecrypt
http://digitaloperatives.blogspot.in/2014/01/ghost-in-shellcode-2014-crypto-75.html
http://commandlinewani.blogspot.in/2014/01/ghostintheshellcode-write-up-dogecrypt.html
CTF247
http://insertco.in/2014/01/19/ctf247-gits-2014/
http://blogs.tunelko.com/2014/01/19/ghost-in-the-shellcode-2014-write-up-ctf247/
phpcrypto
http://tasteless.se/2014/01/gits-2014-phpcrypto-recon-100/
https://github.com/ctfs/write-ups/blob/master/ghost-in-the-shellcode-2014/phpcrypto/README.md
Forensics
Revenge of Imgception
http://pastebin.com/q8Lf8M0w
Choose your Pwn Adventure 2
A Boaring Quest
http://tasteless.se/2014/01/gits-2014-a-boaring-quest-pwn-adventure-150/
Long live the queen
Cave of Nope
Unbearable
http://lockboxx.blogspot.in/2014/01/ghost-in-shellcode-2014-ctf-writeup.html
http://tasteless.se/2014/01/gits-2014-unbearable-pwn-adventure-75/
Rabbit of Caerbannog
http://tasteless.se/2014/01/gits-2014-rabbit-of-caerbannog-pwn-adventure-75/
Snow Down
DOS Attack
Ad Subtract
http://tasteless.se/2014/01/gits-2014-ad-substract-pwn-adventure-75/
Moon Boots
Portal
Pillowtalk
https://systemoverlord.com/blog/2014/01/19/ghost-in-the-shellcode-2014-pillowtalk/
Radioactive
http://tasteless.se/2014/01/gits-2014-radioactive-crypto-250/
Gitzino
http://ppp.cylab.cmu.edu/wordpress/?p=1140
Reverse Engineering
TrustMeMore
http://blog.zachorr.com/trustmemore/
PapSmear
http://balidani.blogspot.in/2014/01/ghost-in-shellcode-2014-papsmear-writeup.html
Pwnable
TI-1337
http://delogrand.blogspot.in/2014/01/ghost-in-shellcode-2014-ti-1337.html
gitsmsg
http://ppp.cylab.cmu.edu/wordpress/?p=1152
Fuzzy
http://ppp.cylab.cmu.edu/wordpress/?p=1146
Byte Sexual
Writeups collection @ http://digitaloperatives.blogspot.in/2014/01/gits-2014-write-up-collection.html
lugkist
http://tasteless.se/2014/01/gits-2014-lugkist-trivia-150/
http://commandlinewani.blogspot.in/2014/01/ghostintheshellcode-write-up-lugkist.html
inview
http://digitaloperatives.blogspot.in/2014/01/ghost-in-shellcode-2014-trivia-150.html
Crypto
Dogecrypt
http://digitaloperatives.blogspot.in/2014/01/ghost-in-shellcode-2014-crypto-75.html
http://commandlinewani.blogspot.in/2014/01/ghostintheshellcode-write-up-dogecrypt.html
CTF247
http://insertco.in/2014/01/19/ctf247-gits-2014/
http://blogs.tunelko.com/2014/01/19/ghost-in-the-shellcode-2014-write-up-ctf247/
phpcrypto
http://tasteless.se/2014/01/gits-2014-phpcrypto-recon-100/
https://github.com/ctfs/write-ups/blob/master/ghost-in-the-shellcode-2014/phpcrypto/README.md
Forensics
Revenge of Imgception
http://pastebin.com/q8Lf8M0w
Choose your Pwn Adventure 2
A Boaring Quest
http://tasteless.se/2014/01/gits-2014-a-boaring-quest-pwn-adventure-150/
Long live the queen
Cave of Nope
Unbearable
http://lockboxx.blogspot.in/2014/01/ghost-in-shellcode-2014-ctf-writeup.html
http://tasteless.se/2014/01/gits-2014-unbearable-pwn-adventure-75/
Rabbit of Caerbannog
http://tasteless.se/2014/01/gits-2014-rabbit-of-caerbannog-pwn-adventure-75/
Snow Down
DOS Attack
Ad Subtract
http://tasteless.se/2014/01/gits-2014-ad-substract-pwn-adventure-75/
Moon Boots
Portal
Pillowtalk
https://systemoverlord.com/blog/2014/01/19/ghost-in-the-shellcode-2014-pillowtalk/
Radioactive
http://tasteless.se/2014/01/gits-2014-radioactive-crypto-250/
Gitzino
http://ppp.cylab.cmu.edu/wordpress/?p=1140
Reverse Engineering
TrustMeMore
http://blog.zachorr.com/trustmemore/
PapSmear
http://balidani.blogspot.in/2014/01/ghost-in-shellcode-2014-papsmear-writeup.html
Pwnable
TI-1337
http://delogrand.blogspot.in/2014/01/ghost-in-shellcode-2014-ti-1337.html
gitsmsg
http://ppp.cylab.cmu.edu/wordpress/?p=1152
Fuzzy
http://ppp.cylab.cmu.edu/wordpress/?p=1146
Byte Sexual
Writeups collection @ http://digitaloperatives.blogspot.in/2014/01/gits-2014-write-up-collection.html
Wednesday, January 01, 2014
30C3 CTF writups collection
PWN
cwitscher 350
http://pastebin.com/jMbTX521
bittorrent 400
https://rzhou.org/~ricky/30c3/bittorrent.py
todos 300
http://codezen.fr/2013/12/30/30c3-ctf-pwn-300-todos-write-up-sql-injection-ret2libc/
http://balidani.blogspot.in/2013/12/30c3-ctf-todos-writeup.html
bigdata 400
https://rzhou.org/~ricky/30c3/bigdata.tx
DOGE1 100
http://thehackerblog.com/such-ctf-very-wow-30c3-doge1-writeup/
http://tasteless.se/2013/12/30c3-ctf-doge1-writeup/
DOGE2 400
http://pastebin.com/81CY5Pg2
HolyChallenge 500
http://blog.dragonsector.pl/2013/12/30c3-ctf-holychallenge-pwn-500.html
SANDBOX
int80 300
http://blog.dragonsector.pl/2013/12/30c3-ctf-int80-sandbox-300.html
yass 400
PyExec 300
http://blog.dragonsector.pl/2013/12/30c3-ctf-pyexec-sandbox-300.html
http://delimitry.blogspot.in/2013/12/30c3-ctf-2013-sandbox-300-pyexec-writeup.html
MISC
notesEE 400
https://johannes.user.aachen.ccc.de/notesee.sh
rsync 200
http://tasteless.se/2013/12/30c3-ctf-rsync-writeup/
http://dr0x0n.blogspot.in/2013/12/writeup-30c3-ctf-2013-rsync-200-rsync.html
NUMBERS
fourier 200
http://d.hatena.ne.jp/waidotto/20131230
guess 100
http://tasteless.se/2013/12/30c3-ctf-guess-writeup/
matsch 300
https://p.6core.net/p/aNV32Brb8OszIDtnP3r9X9Kp
angler 300
http://blog.zachorr.com/30C3-CTF-Numbers-300-angler/
Writeups Collection :
Lovely collection of writeups @ https://pads.ccc.de/wfijnKiUA4
**Thanks to @hellman and @Gunther_AR for pointing this nice treasure trove ;)
cwitscher 350
http://pastebin.com/jMbTX521
bittorrent 400
https://rzhou.org/~ricky/30c3/bittorrent.py
todos 300
http://codezen.fr/2013/12/30/30c3-ctf-pwn-300-todos-write-up-sql-injection-ret2libc/
http://balidani.blogspot.in/2013/12/30c3-ctf-todos-writeup.html
bigdata 400
https://rzhou.org/~ricky/30c3/bigdata.tx
DOGE1 100
http://thehackerblog.com/such-ctf-very-wow-30c3-doge1-writeup/
http://tasteless.se/2013/12/30c3-ctf-doge1-writeup/
DOGE2 400
http://pastebin.com/81CY5Pg2
HolyChallenge 500
http://blog.dragonsector.pl/2013/12/30c3-ctf-holychallenge-pwn-500.html
SANDBOX
int80 300
http://blog.dragonsector.pl/2013/12/30c3-ctf-int80-sandbox-300.html
yass 400
PyExec 300
http://blog.dragonsector.pl/2013/12/30c3-ctf-pyexec-sandbox-300.html
http://delimitry.blogspot.in/2013/12/30c3-ctf-2013-sandbox-300-pyexec-writeup.html
MISC
notesEE 400
https://johannes.user.aachen.ccc.de/notesee.sh
rsync 200
http://tasteless.se/2013/12/30c3-ctf-rsync-writeup/
http://dr0x0n.blogspot.in/2013/12/writeup-30c3-ctf-2013-rsync-200-rsync.html
cableguy 100
NUMBERS
fourier 200
http://d.hatena.ne.jp/waidotto/20131230
guess 100
http://tasteless.se/2013/12/30c3-ctf-guess-writeup/
matsch 300
https://p.6core.net/p/aNV32Brb8OszIDtnP3r9X9Kp
angler 300
http://blog.zachorr.com/30C3-CTF-Numbers-300-angler/
Writeups Collection :
Lovely collection of writeups @ https://pads.ccc.de/wfijnKiUA4
**Thanks to @hellman and @Gunther_AR for pointing this nice treasure trove ;)
Monday, April 22, 2013
Plaid CTF 2013 Writeups Collection
BINARY
100 - three_eyed_fish
http://broot.ca/blog/plaidctf-three-eyed-fish-binary-100
http://f00l.de/blog/?p=1781
_________________________________________________________________________________
100 - hypercomputer-1
http://f00l.de/blog/?p=1803
_________________________________________________________________________________
250 - cone
http://pastie.org/private/wpxsvcxllyryl9s8ffslqw#7
http://pastie.org/private/wpxsvcxllyryl9s8ffslqw
http://seg.fault.in/2013/04/plaidctf-2013-cone-250-write-up.html
_________________________________________________________________________________
250 - drmless
http://int3pids.blogspot.in/2013/04/plaidctf-2013-drmless-binary-250-write.html
_________________________________________________________________________________
400 - kavihk
http://int3pids.blogspot.in/2013/04/plaidctf-2013-kavihk-binary-400-write-up.html
http://pwnies.dk/post/kavihk-plaidctf-2013/
_________________________________________________________________________________
450 - cnot
http://www.skullsecurity.org/blog/2013/epic-cnot-writeup-plaidct
_________________________________________________________________________________
CRYPTOGRAPHY
100 - cyrpto
http://r3dey3.com/2013/04/plaidctf-crypto100/
http://scoding.de/plaidctf-2013-writeup-cyrpto/
_________________________________________________________________________________
200 - blech
http://leetmore.ctf.su/wp/plaidctf-2013-blech-crypto-200/
_________________________________________________________________________________
250 - compression
http://www.rajatswarup.com/blog/2013/04/21/plaidctf-2013-crypto-250-compression-writeup/
http://dave.frop.net/plaid_ctf_2013_writeup_crypto_250_compression
http://broot.ca/blog/plaidctf-compression-crypto-250
_________________________________________________________________________________
250 - giga
http://r3dey3.com/2013/04/plaid-ctf-giga-crypto-250/
http://pwnies.dk/post/giga-plaidctf-2013/
_________________________________________________________________________________
FORENSICS
150 - cat_rar
http://www.mikelisi.me/2013/04/plaid-ctf-2013-catrar-write-up.html
http://eindbazen.net/2013/04/pctf-2013-cat_rar-forensics-150/
_________________________________________________________________________________
350 - usbdude
_________________________________________________________________________________
PWNABLE
150 - secure_reader
http://pwnies.dk/post/securereader-plaidctf-2013/
_________________________________________________________________________________
200 - ropasauru
http://codezen.fr/2013/04/22/plaidctf-2013-pwnable-200-ropasaurusrex-write-up/
http://pastie.org/7693791
http://bases-hacking.org/ropasaurusrex-pctf2013.html
http://hackerschool.org/temp/pctf2013/ropasaurusrex_exp.py
_________________________________________________________________________________
250 - dynrpn
http://pwnies.dk/post/dynrpn-plaidctf-2013/
_________________________________________________________________________________
250 - pork
http://pastie.org/7693773
http://bases-hacking.org/pork-pctf2013.html
http://pwn3r.tistory.com/entry/Plaid-CTF-2013-pork
_________________________________________________________________________________
250 - e1000-1
https://github.com/moralfag/ctf/tree/master/pctf2013-e1000
_________________________________________________________________________________
WEB
150 - charsheet
http://www.cubalo.com/blog/?p=110
________________________________________________________________________________
400 - servr
This might come in handy.
http://bases-hacking.org/servr-pctf2013.html
_________________________________________________________________________________
20 - Unnnnlucky
http://magic-hat.ru/forum/viewtopic.php?pid=341#p341
_________________________________________________________________________________
100 - cheap
http://pwnies.dk/post/cheap-plaidctf-2013/
_________________________________________________________________________________
150 - Prove It
http://eindbazen.net/2013/04/pctf-2013-prove-it-misc-150/
_________________________________________________________________________________
400 - pyjail
http://darksaber.tk/wapiflapi/pyjail_escape.py
http://blog.pnuts.tk/2013/04/plaidctf-pyjail-story-of-pythons-escape.html
Repository/Miscellaneous collection:
http://shell-storm.org/repo/CTF/PlaidCTF-2013/
http://pwn3r.tistory.com/entry/Plaid-CTF-2013-Write-up-collection
100 - three_eyed_fish
http://broot.ca/blog/plaidctf-three-eyed-fish-binary-100
http://f00l.de/blog/?p=1781
_________________________________________________________________________________
100 - hypercomputer-1
http://f00l.de/blog/?p=1803
_________________________________________________________________________________
250 - cone
http://pastie.org/private/wpxsvcxllyryl9s8ffslqw#7
http://pastie.org/private/wpxsvcxllyryl9s8ffslqw
http://seg.fault.in/2013/04/plaidctf-2013-cone-250-write-up.html
_________________________________________________________________________________
250 - drmless
http://int3pids.blogspot.in/2013/04/plaidctf-2013-drmless-binary-250-write.html
_________________________________________________________________________________
400 - kavihk
http://int3pids.blogspot.in/2013/04/plaidctf-2013-kavihk-binary-400-write-up.html
http://pwnies.dk/post/kavihk-plaidctf-2013/
_________________________________________________________________________________
450 - cnot
http://www.skullsecurity.org/blog/2013/epic-cnot-writeup-plaidct
_________________________________________________________________________________
CRYPTOGRAPHY
100 - cyrpto
http://r3dey3.com/2013/04/plaidctf-crypto100/
http://scoding.de/plaidctf-2013-writeup-cyrpto/
_________________________________________________________________________________
200 - blech
http://leetmore.ctf.su/wp/plaidctf-2013-blech-crypto-200/
_________________________________________________________________________________
250 - compression
http://www.rajatswarup.com/blog/2013/04/21/plaidctf-2013-crypto-250-compression-writeup/
http://dave.frop.net/plaid_ctf_2013_writeup_crypto_250_compression
http://broot.ca/blog/plaidctf-compression-crypto-250
_________________________________________________________________________________
250 - giga
http://r3dey3.com/2013/04/plaid-ctf-giga-crypto-250/
http://pwnies.dk/post/giga-plaidctf-2013/
_________________________________________________________________________________
FORENSICS
150 - cat_rar
http://www.mikelisi.me/2013/04/plaid-ctf-2013-catrar-write-up.html
http://eindbazen.net/2013/04/pctf-2013-cat_rar-forensics-150/
_________________________________________________________________________________
350 - usbdude
_________________________________________________________________________________
PWNABLE
150 - secure_reader
http://pwnies.dk/post/securereader-plaidctf-2013/
_________________________________________________________________________________
200 - ropasauru
http://codezen.fr/2013/04/22/plaidctf-2013-pwnable-200-ropasaurusrex-write-up/
http://pastie.org/7693791
http://bases-hacking.org/ropasaurusrex-pctf2013.html
http://hackerschool.org/temp/pctf2013/ropasaurusrex_exp.py
_________________________________________________________________________________
250 - dynrpn
http://pwnies.dk/post/dynrpn-plaidctf-2013/
_________________________________________________________________________________
250 - pork
http://pastie.org/7693773
http://bases-hacking.org/pork-pctf2013.html
http://pwn3r.tistory.com/entry/Plaid-CTF-2013-pork
_________________________________________________________________________________
250 - e1000-1
https://github.com/moralfag/ctf/tree/master/pctf2013-e1000
_________________________________________________________________________________
WEB
150 - charsheet
http://www.cubalo.com/blog/?p=110
________________________________________________________________________________
400 - servr
This might come in handy.
http://bases-hacking.org/servr-pctf2013.html
_________________________________________________________________________________
20 - Unnnnlucky
http://magic-hat.ru/forum/viewtopic.php?pid=341#p341
_________________________________________________________________________________
100 - cheap
http://pwnies.dk/post/cheap-plaidctf-2013/
_________________________________________________________________________________
150 - Prove It
http://eindbazen.net/2013/04/pctf-2013-prove-it-misc-150/
_________________________________________________________________________________
400 - pyjail
http://darksaber.tk/wapiflapi/pyjail_escape.py
http://blog.pnuts.tk/2013/04/plaidctf-pyjail-story-of-pythons-escape.html
Repository/Miscellaneous collection:
http://shell-storm.org/repo/CTF/PlaidCTF-2013/
http://pwn3r.tistory.com/entry/Plaid-CTF-2013-Write-up-collection
Monday, March 25, 2013
iCTF 2013 writeup collection
water
https://rdot.org/forum/showthread.php?t=2671
http://h4des.org/blog/index.php?/archives/333-ictf-2013-water-write-up.html
airplane
https://alexbers.com/ictf2013/airplane/index.html
http://rep.github.com/ictf-2012-airplane-exploit.html
traintrain
http://www.blue-lotus.net/ictf-2013-traintrain-writeup/
nuclearboom
http://codezen.fr/2013/03/24/ictf-2013-ctf-nuclearboom-writeup/
powerplan
http://www.rogdham.net/2013/03/23/ictf-powerplan-write-up.en
curiousityblogger
http://www.blue-lotus.net/ictf-2013-curiosity-writeup/
Tuesday, March 19, 2013
Forbiddenbits CTF 2013 writeup collection
IMAfreak (400)
http://www.sinfocol.org/2013/03/imafreak-forbiddenbits-2013/
http://codezen.fr/2013/03/17/forbidenbits-ctf-2013-web-600-imafreak-write-up/
Invisible (150)
http://sysexit.wordpress.com/2013/03/17/forbiddenbits-ctf-2013-invisible-150-write-up/
http://ge0-it.blogspot.in/2013/03/forbiddenbits-ctf-writeup-invisible.html
Poir (150)
http://sysexit.wordpress.com/2013/03/17/forbiddenbits-ctf-2013-poir-150-write-up/
http://f0rmer.blogspot.in/2013/03/forbiddenbits-ctf-2013-poir-write-up.html
294 (250)
http://f0rmer.blogspot.in/2013/03/forbiddenbits-ctf-2013-294-write-up.html
old (50)
http://sysexit.wordpress.com/2013/03/17/forbiddenbits-ctf-2013-old-50-write-up/
Hidden 1 & 2
http://achn30.blogspot.ru/2013/03/forbiddenbits-ctfwrite-uphidden1-hidden2.html
Nazi War (200)
http://wiki.zenk-security.com/doku.php?id=forbiddenbits_2013_naziwar
x93 (350)
http://wiki.zenk-security.com/doku.php?id=forbiddenbits_2013_x93
x94 (250)
http://wiki.zenk-security.com/doku.php?id=forbiddenbits_2013_x94
Captain Crunch (250)
http://wiki.zenk-security.com/doku.php?id=forbiddenbits_2013_crunch
http://dxp2532.blogspot.in/2013/03/forbiddenbits-2013-crunch-250.html
Smelf (200)
http://v0ids3curity.blogspot.in/2013/03/forbiddenbits-ctf-2013-smelf-200-team.html
https://www.phx2600.org/forum/viewtopic.php?t=2405&p=6828#p6828
Monday, October 01, 2012
CSAW 2012 Quals - writeup collection
Trivia
http://eindbazen.net/2012/09/csaw-2012-trivia/http://the-ctf-guy.blogspot.in/2012/10/csaw-2012-trivia-challenges.html
Recon
Web
c4ca4238a0b923820dcc509a6f75849b - 100 Pointshttp://128.238.66.216/c4ca4238a0b923820dcc509a6f75849b/
Lara Anderton needs to break into PreCrime to free her husband, but they just installed a fancy new security system. Help her break into it!
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-100/
c81e728d9d4c2f636f067f89cc14862c - 200 Points
http://128.238.66.216/c81e728d9d4c2f636f067f89cc14862c/
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-200/
217 - 300 Points
http://128.238.66.217/
This is a website belonging to a horse-fighting gang. Even with an account, it's not clear what they're up to. Your task is to get administrator access and see if you can figure anything out. Your account is csaw_challenger/letmein123.
Solutions:
http://isisblogs.poly.edu/2012/09/30/csaw-ctf-horseforce-writeup/
CryptoMat - 400 Points
http://128.238.66.214/
CryptoMat is a site where you can send encrypted messages to other users. Dog is a user on the site and has the key. Figure out how to get into his account and obtain it.
Solutions:
http://blog.lse.epita.fr/articles/29-csaw-ctf-2012-web-400-writeup.html
Noderper - 500 Points
Derpsoft
Hello, QA personnel! As you know, we here at Noderpsoft are desperately trying to put the finishing touches on our Noderper web UI, and although we're super mega confident in the awesomness of our Web 12.0-centric strategy, we had some security consultant jerk tell us that our diagnostic interface was a Pastebin in the making.What a load of baloney! There isn't anything wrong with it, but just to satisfy the derpiest of derps, we thought we'd let you all prove us RIGHT! What better way to check the status of your system than with common Lunix commands, and even offer an awesome Web 2.5-3.0 (depending on who we're marketing to that day) friendly extensible interface?!?!??!?!?!?!?!??!?!?!
We hope you like Noderper as much as we do, and find zero bugs or mythical, so-called security vulnerabilities in it. Otherwise, you're fired.
Sincerely, and with all the hopes for the most ludicrous of V.C. money,
Roberto J. Quinetana
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-500/
http://blog.lse.epita.fr/articles/27-csaw-ctf-2012-web-500-writeup.html
https://github.com/quine/csaw2012/tree/master/noderp
eccbc87e4b5ce2fe28308fd9f2a7baf3 - 600 Points
http://128.238.66.216/eccbc87e4b5ce2fe28308fd9f2a7baf3/
Solutions:
http://eindbazen.net/2012/09/csaw-2012-web-600/
Reversing
csaw2012reversing.exe - 100 Points
csaw2012reversing.exe
csaw2012reversing.pdb
csaw2012reversing.pdb
Solutions:
CSAWQualificationEasy.exe - 200 Points
CSAWQualificationEasy.exe
Solutions:
CSAWQualification.exe - 300 Points
CSAWQualification.exe
Solutions:
csaw2012reversing - 400 Points
csaw2012reversing
Solutions:
8086100f.mrom - 500 Points
8086100f.mrom
8086100f.mrom.tmp
Exploitation
54321 - 200 Points
nc 128.238.66.218 54321
exploitation1-release
Read the key out of ./key in the current working directory.
Solutions :
http://xelenonz.blogspot.in/2012/10/csaw-ctf-exploit200-write-up.html
http://ppp.cylab.cmu.edu/wordpress/?p=954
4842 - 300 Points
nc 128.238.66.218 4842
Read the key out of ./key in the current working directory.
This binary has been changed to update the server.
Solutions :
http://eindbazen.net/2012/09/csaw-2012-exploitation-300/
http://ppp.cylab.cmu.edu/wordpress/?p=968
23456 - 400 Points
nc 128.238.66.213 23456
Read the key out of ./key in the current working directory.
Solutions :
http://ppp.cylab.cmu.edu/wordpress/?p=985
12345 - 500 Points
nc 128.238.66.213 12345
Read the key out of ./key in the current working directory
Solutions :
http://ppp.cylab.cmu.edu/wordpress/?p=1015
http://blog.lse.epita.fr/articles/31-csaw-ctf-2012-exploitation-200300400500-writeups.html
Forensics
version1.png - 200 Points
version1.png
Solutions :
version2.png - 200 Points
version2.png
core - 500 Points
core
Networking
telnet.pcap - 100 Points
telnet.pcap
lemieux.pcap - 200 Points
lemieux.pcap
Some dude I know is planning a party at some bar in New York! I really want to go but he's really strict about who gets let in to the party. I managed to find this packet capture of when the dude registered the party but I don't know what else to do. Do you think there's any way you can find out the secret password to get into the party for me? By the way, my favorite hockey player ever is mario lemieux.
dongle.pcap - 300 Points
dongle.pcap
timewave-zero.pcap - 400 Points
timewave-zero.pcap
According to Terence McKenna, the universe has a teleological attractor at the end of time that increases interconnecte dness, eventually reaching a singularity of infinite complexity in 2012, at which point anything and everything imaginable will occur simultaneously. He conceived this idea over several years in the early to mid-1970s while using psilocybin mushrooms and DMT.
Once you get the key, truncate it to 128 characters.
Solutions:
http://blog.lse.epita.fr/articles/30-csaw-ctf-2012-timewave-zeropcap-net400.html
Solutions:
http://blog.lse.epita.fr/articles/30-csaw-ctf-2012-timewave-zeropcap-net400.html
Writeup Collections :
https://docs.google.com/document/d/1CUX0KD-IJhOzHMLmxoJXGZH-r_IcI3665cLWiOewNxY/edit
http://blog.lse.epita.fr/articles/31-csaw-ctf-2012-exploitation-200300400500-writeups.html
http://blog.lse.epita.fr/articles/28-csaw-ctf-2012-for200-500net100-200re100-400web100-.html
http://ppp.cylab.cmu.edu/wordpress/?p=1003
Repository :
https://docs.google.com/document/d/1CUX0KD-IJhOzHMLmxoJXGZH-r_IcI3665cLWiOewNxY/edit
http://blog.lse.epita.fr/articles/31-csaw-ctf-2012-exploitation-200300400500-writeups.html
http://blog.lse.epita.fr/articles/28-csaw-ctf-2012-for200-500net100-200re100-400web100-.html
http://ppp.cylab.cmu.edu/wordpress/?p=1003
Repository :