STANDCON 2025 Badge Building a electronic badge has been on my TODO list for quite a while, and I jumped at the chance to build one for STANDCON. The idea has sat in a corner for so long partly because I've always wanted to do more than just a few blinking
Times Times is a work conceptualized by Victoria Hertel as part of Bad Clocks: Alley through a Pinhole involving 12 bells that sound when the audience walked around them. The work was finalized and built over the course of 2 weeks, so please excuse the rough edges should you spot any
Cyber League Major 2 2022 SecQuiz I have enabled most of the security mechanisms. I guess my binary is secure. Note: the flag is stored in flag.txt Running checksec, we see we have all security mitigations enabled: ➜ bin-secquiz checksec secquiz [*] '/home/justin/cl2/bin-secquiz/secquiz' Arch: amd64-64-little RELRO: Full RELRO Stack: Canary
Projects (W)AVE 2.0 - Haptic Cloth What if we could touch light? Tactility of Light and (W)AVE began to explore this idea by using light-reactive haptics to explore a space. From a technical perspective, the method of implementation limited the density of the haptics. Naturally, we asked (and attempted to answer) "how can we
RaRCTF 2021 Web Secure Storage Check out our secure storage solutions for all your secure storing needs! featuring our new secure enclave™️ where secrets are stored securely™️ https://securestorage.rars.win/ https://secureenclave.rars.win/ The author writeup can be found here. The challenge is explained in far greater detail there, while
STANDCON CTF 2021 Pwn Space University of Interior Design Storytelling is the root of interior design. Author: zeyu2001 We're given shell access to a machine, logged in as guest. We start poking around and notice a few interesting things: We see that python3.7 has the suid bit set. Given the
3kCTF-2021 Web online_compiler Compile & run your code with the 3k online compiler. Our online compiler supports multiple programming languages like Php, Python,... We're given source code of a web app - interesting snippets: @app.route('/save',methods = ['POST']) @cross_origin() def save(): c_
CTF.SG CTF 2021 Quick writeups for the challenges I wrote: Web Touch Of The Paranoid We're happy to announce that we now support multi-factor authentication. Our login portal is now bulletproof and unhackable! Our first user mentioned something about Google Authenticator... PS: No bruteforce is needed, you will be throttled if
DSO-NUS CTF 2021 Mobile Login It's time for a simple, relaxing challenge. Can you find the correct credentials? Decompile the apk with jadx: public class LoginDataSource { private String m_password = "7470CB2F2412053D0A3CEC3D07CAE4A4"; ... public String getJavaPassword() { try { return AESTools.decrypt(this.m_password); } catch (Exception e) { e.printStackTrace(); return ""
STACK the Flags 2020 Binary Exploitation Beta reporting system The developer working for COViD that we arrested refused to talk, but we found a program that he was working on his laptop. His notes have led us to the server where the beta is currently being hosted. It is likely that there are bugs
TISC20 Stage 1 We're given an encrypted zip file and told that the password is a hex string. Generating a wordlist and feeding it to fcrackzip solves this. import itertools with open("hex_wordlist.txt", "w") as f: for c in itertools.product("0123456789abcdef&
ALLES! CTF 2020 OnlyFreights Check out my OnlyFans OnlyFreights! A website to classify all the freight ships. NOTE: There is a secret cargo stored at /flag.txt, but you need to convince the /guard executable to hand it to you! Relevant source code provided: app.put('/api/directory*', (req, res) =>
CSICTF20 The Viet Cong is transmitting a secret message. They built a password checker so that only a selected few can view the secret message. We've recovered the binary, we need you to find out what they're trying to say. Official writeup can be found here. undefined8
CTF Cyber Defenders Discovery Camp 2020 [RE (Windows)-2] Dissect Me LET THE GAMES BEGIN! Open Ghidra. Load binary. Go through the entire binary because its labelled reverse engineering, then find the Bitmap embedded in the binary. [RE (Windows)-3] Cheat Me Be patient :) Then you can get what you want. [!W!A!R!N!I!
CTF redpwnCTF 2020 pwn/kevin-higgs It's basically Rowhammer, right? This challenge is a golf challenge where teams can flip a certain number of bits anywhere in memory. The number of bits that can be flipped goes up over time until a team first solves the challenge, at which point the number
CTF Zh3r0 CTF 2020 Help We're given a binary with a few useful functions. The first of which: void ok(void) { ssize_t sVar1; undefined local_28 [32]; puts("Hello world."); g = g + 1; if (g == idontknow) { sVar1 = read(0,local_28,0x29); if (sVar1 == 0) { puts("Why couldn\
CTF WeCTF 2020 Challenge files can be found here. lightSequel Shou just learnt gRPC! Go play with his nasty API! We're given source code for a gRPC service built in Golang. One function in particular looks interesting: func (s *srvServer) GetLoginHistory(ctx context.Context, _ *pb.SrvRequest) (*pb.SrvReply, error) { md, _ := metadata.
CTF HSCTF 7 (2020) Got It Oh no, someone's messed with my GOT entries, and now my function calls are all wrong! Please, you have to help me! I'll do anything to make my function calls right! This is running on Ubuntu 18.04, with the standard libc. Connect with
CTF Defenit CTF 2020 Bad Tumblers [Precondition] 0. Hundreds of wallets contain about 5 ether (tumbler) 0. Hackers steal more than 400 ethers through hacking per exchange 0. Hacker commissions ethereum tumbler to tumbling 400 ether from his wallet 0. After tracking the hacking accident that reported by exchange A, we confirmed that it
CTF RCTF2020 Switch PRO Controller I bought a Switch PRO Controller!! It’s really cool! Two files are provided: * Packet capture of some form of USB HID device * Screen recording of someone typing out a flag with a on-screen keyboard The screen recording unfortunately, has the flag visually obscured. The objective here
CTF Hack-A-Sat Qualifiers 2020 SpaceDB The last over-the-space update seems to have broken the housekeeping on our satellite. Our satellite's battery is low and is running out of battery fast. We have a short flyover window to transmit a patch or it'll be lost forever. The battery level is critical
Projects Singapore Robotic Games 2020 After the not so successful run last year, I started planning for another run. The biggest issue was my choice of tracks, which offered close to no traction. The other problem was the weight of the drive system - being nearly 2kg, there was very little left for other components.
