TUCTF 2017 | Rev and Pwn Challenges

Challenge: Funmail Category: Rev Running the binary, we are prompted for a username and password. We already know the username, so we need to find out the password. This is easy enough because it is hard coded and can be discovered by running strings on the program. Now we log in with our credentials and read the email, which gives us our flag! Challenge: Funmail...

Read More

TUCTF 2017 | Web Challenges

Challenge: High Source Category: Web Accessing the web page and immediately looking at the source we get trolled. Nothing here... But what about in the login.js source? Oh hey, a password! Using this to login we then get our flag! Challenge: Cookie Duty Category: Web The first page we land on gives a good hint as to what this will entail...

Read More

TUCTF 2017 | VM Challenges

Challenge: Gateway Category: VM This CTF provided a VM which encompassed a number of different challenges, the first part of which is to actually access it. When booting up the VM, we find that the drive it's accessing is encrypted and you need a passkey to decrypt it. Luckily there is an unencrypted drive that is accessible. To access this, we...

Read More

RC3 CTF 2017

CTF: RC3 CTF 2017 Challenge Easy Peasy Type Pwn For this challenge we get a binary to download as well as a remote address/port that is running the same program. Upon connecting we are prompted for a key: After testing this out, I pulled up Hopper to analyze the binary. We can immediately see some interesting hex in our assembly, so checking...

Read More