September 24, 2014
Description OH NO WE’VE BEEN HACKED!!!!!! — said the Eye Heart Fluffy Bunnies Blog owner. Life was grand for the fluff fanatic until one day the site’s users started to get attacked! Apparently fluffy bunnies are not just a love of fun furry families but also furtive foreign governments. The notorious “Forgotten Freaks” hacking group […]
September 24, 2014
Writeup by mooh Description: location, location, location http://54.86.199.163:7878/ Written by ColdHeat We have a website with 3 links which show pictures of cats and dogs when we click on them. There is a form as well where we can enter an url and the bot will click on it. It sounds like a XSS […]
August 18, 2014
This is the picture we got: After downloading, I opened the picture with an image viewer and saved it again, only to compare the file sizes. As expected the original is much larger than the just saved one. Then I opened it in stegesolve to make sure I don’t miss anything. By looking at the […]
May 13, 2014
After extracting in this challenge we get an arguably big pcap file. As usual the problem here is to look for just anything helpful. A valid option in challenges like this, is just looking for all the files that were downloaded, which you can either do with wireshark by “Exporting objects” which is quite tiresome […]
May 11, 2014
After downloading and extracting we got a file which was identified as: Ok this looks like an audio or video file. Lets try to open it with a media player. Great we can open it, and hear that typical SSTV sound. Ok let’s open RX-SSTV and replay the audio file. Because we did this part […]
April 2, 2014
In this task, we have got a ciphertext and an oracle that we can use to encrypt data. Looking at the ciphertext we can see that is a big big number. Time to test the oracle: connect to the server and we’re greeted with “enter your text”. After entering some text, the ciphertext is diplayed […]
February 28, 2014
The website for this challenge said “120 times left” and had only a password field and a submit button. Trying something random we get False als response, go back to the main page and see we now have “118 times left”, so each POST or GET to the page decreases the number by one. The […]
February 26, 2014
The first challenge of the codegate 2014 ctf was a reversing challenge. Linux file command showed us: Ok it’s a 64Bit ELF binary, which means no “F5 in IDA”. Opening with IDA64, an alert popped up that there are more then 1000 Nodes to show. WTF? After changing the node limit the graph showed a […]
March 21, 2013
This challenge’s target was a binary with just 512 byte total size, named “bin.bin” and could be identified as “x86 boot sector”. So our first thought was: maybe it’s bootable – and it is! After booting up a VM with this file as disk (for VirtualBox: mount on loop, then VBoxManage createrawvmdk) we were confronted […]
March 21, 2013
The poir challenge was given as a binary file. It’s a “pcap-ng capture file – version 1.0”, so we opened it in wireshark to have a look at the data. It consists of about 10k pakets, mostly HTTP traffic, some SSDP searches. A closer look revealed: the HTTP pakets are request and responses on a […]