Posts by asterite
-
Unknocking write-up (CyBRICS CTF 2019 Quals)
Unknocking was a networking task on CyBRICS CTF 2019 quals.
-
GoogleCTF 2019 GPhotos writeup
The challenge is an image storage service implemented as a PHP script. The source can be retrieved via a hidden link on the main page. The script is running inside Apache. -
punchymclochface writeup (FAUST CTF 2019)
This is a RCE-as-a-service that runs COBOL code encoded in punch card images upladed by user. Hard parts are generating valid punch card images with desired code and writing COBOL that runs shellcode using available charset. Patch is
chmod -r data(disable listing in service data dir as flags are in randomly-named files). -
refrain write-up (0CTF/TCTF Quals 2019)
refrain was a misc task at 0CTF/TCTF Quals 2019 where you had to reconstruct input data from a program trace.