[Writeup] Split second

description : Split this shit http://web2.ctf.nullcon.net:8081/ Initial steps When we first opened the website, we were presented with a static page that shows a GIF but on viewing the source code there was an ajax request being sent var xhttp = new XMLHttpRequest(); xhttp.onreadystatechange = function() { if (this.readyState == Read more…

[Writeup] Obey The Rules

The government has released a new set of rules. Do you choose to be among those who follow them blindly or among those who read them first? Flag Path: /home/pwn/flag.txt Author: FeDEX Remote: nc 138.68.67.161 20001 Checking the given binary and its security flags Reversing Throwing the binary to IDA, Read more…

[Writeup] Pickle Store

Challenge: After I went bankrupt running my cookie store i decided to improve my security and start a pickle store. Turns out pickles are way more profitable! http://13.48.133.116:50000 By visiting the url we get the shop page By clicking buy to examine the request, we’ve found a base64 encoded cookie: Read more…

[Writeup] SCA101

Approaching the challenge we only get a simple description: nc 167.172.124.190 9002 Starting up by fuzzing the server with variable lengths of input, we always got the Bad Flag response but with varying time frames based on the input length then it wasn’t long until we realized that our input Read more…