CSAW CTF 2014 is the second CTF contest I've attended ( the first one was the HITCON CTF 2014 ) . Since this is the first time I've actually solved something in the contest, I decide to post my first own writeup .
CSAW CTF 2014 -- Exploitation 200 pybabbies
CSAW CTF 2014 -- Exploitation 400 saturn
First the challenge gave us a binary file (ELF for Intel-386). But we can't execute it, cause we don't have the required shared library "libchallengeresponse.so". So we will have to launch IDA Pro to see what's going on within the program.
ASIS CTF Finals 2014 -- How much exactly + Lottery
Both challenges are kind of easy, so I decide to put their writeups together.
ASIS CTF Finals 2014 -- SATELLITE
Description: Connect here and find the flag: nc asis-ctf.ir 12435
After we connect to the server, it show us the following message:
ASIS CTF Finals 2014 -- TicTac
Description: Find flag in this file
SCTF 2014 -- Pwn200
SCTF is a CTF contest hold by XCTF ( seems like a Chinese version's CTFtime.org ). Teaming up with my labmates, we have a lot of fun solving the challenges, and scored 2161 pts with the final rank 13/659.
SCTF 2014 -- Pwn400
Similar with Pwn200, Pwn400 gave us a binary file, but no libc.so. Open it with IDA Pro and analyze it, we found some information:
SCTF 2014 -- Code400
Code400 gave us a python script
0CTF 2015 Quals -- geo-newbie
Talentyange gives lots of tedious apks and you know how bad he is now. Let's try some interesting geography knowledge.
nc 202.112.26.111 29995 / nc 202.112.28.118 29995
0CTF 2015 Quals -- (Baby)PolyQuine
Different people see different me.
But I am always myself.
202.112.26.114:12321Make the output of your program exactly the same as your source code.
All 5 correct required to get this flag (Only need 3 correct for BabyPolyQuine)$python2 --version
Python 2.7.6$python3 --version
Python 3.4.0$gcc --version
gcc (Ubuntu 4.8.2-19ubuntu1) 4.8.2$ruby --version
ruby 1.9.3p484 (2013-11-22 revision 43786) [x86_64-linux]$perl --version
This is perl 5, version 18, subversion 2 (v5.18.2) built for x86_64-linux-gnu-thread-multi
BackdoorCTF 2015 -- Binary + Misc
BackdoorCTF 2015
For me, this is a challenge for CTF beginners. Most of the challenges are easy to solve, although some of them require some "imagination"...
In this writeup, I'll post the solutions of all the binary challenges and the misc challenges that I solved in the CTF.
VolgaCTF 2015 Quals -- math problem
Category: PPC
Points: 300
nc mathproblem.2015.volgactf.ru 8888
This problem remind me of HITCON CTF 2014 -- 24
VolgaCTF 2015 Quals -- my little pwnie
Category: Pwn
Points: 250
Just another pwn task. Break in!
nc pwnie.2015.volgactf.ru 7777
my_little_pwnie
I solve the challenge after the end of the CTF, because I think this is a great challenge for practicing format string and sprintf BOF vulnerability. Special thanks to Lays for putting the exploit on the trello and let me have time to study the challenge.
ASIS CTF 2015 Quals -- grids
Category: Programming
Points: 300
In each stage send the maximun size of area that can be covered by given points as a vertex of polygon in 2D.
nc 217.218.48.84 12433
mirror 1 : nc 217.218.48.84 12432
mirror 2 : nc 217.218.48.84 12434
mirror 2 : nc 217.218.48.84 12429
ASIS CTF 2015 Quals -- Saw this (1 & 2)
Category: pwn
Points: 100 (Saw this-1), 400 (Saw this-2)
Survive and get the flag!
Note: This challenge contains two flags, one of them is easier to fetch, the other is harder.
The easier flag will be clearly indicated as "Flag 1", the harder flag as "Flag 2"
nc 87.107.123.3 31337
DEFCON CTF 2015 Quals -- r0pbaby
Category: Baby's First
Points: 1
r0pbaby_542ee6516410709a1421141501f03760.quals.shallweplayaga.me:10436
DEFCON CTF 2015 Quals -- mathwhiz
Category: Baby's First
Points: 1
mathwhiz_c951d46fed68687ad93a84e702800b7a.quals.shallweplayaga.me:21249
DEFCON CTF 2015 Quals -- catwestern
Category: Coding Challenge
Points: 1
meow
catwestern_631d7907670909fc4df2defc13f2057c.quals.shallweplayaga.me 9999
DEFCON CTF 2015 Quals -- wibbly-wobbly-timey-wimey
Category: Pwnable
Points: 2
Wibbly Wobbly Timey Wimey
Don't blink!
wwtw_c3722e23150e1d5abbc1c248d99d718d.quals.shallweplayaga.me:2606
AIS3 2015 pre-exam -- complete writeup
考量到參與 AIS3 2015 pre-exam 的人幾乎都是台灣人
這個 blog 的第一篇中文 writeup 就獻給這篇了 XD
基本上就是全包這次 exam 的所有題目
有問題歡迎留言討論