Posts by WGH

• Jun 17, 2021

  Lonely Island write-up (FAUST CTF 2021)

  Lonely Island was one of the tasks on FAUST CTF 2021.

  This task was a multiplayer FPS game based on Godot engine. This is something you don’t see on CTFs often, let alone on attack-defense ones. One notable example I can think of is Pwn Adventure on Ghost in the Shellcode CTF many years ago. Although Pwn Adventure was considerably more complex, it was a jeopardy competition, and yet Lonely Island appeared on an attack-defense CTF.

• Sep 17, 2019

  caidanti write-up (Real World CTF 2019 Quals)

  Caidanti was a reverse/pwn task with two flags.

  The task had two binaries - caidanti and caidanti-storage-service, running on Google’s Fuchsia operating system, which is currently under active development.

• Sep 6, 2019

  printf write-up (Tokyo Westerns CTF 2019)

  printf was a pretty typical pwn task: you get binary, libc, network address, and you have to gain an RCE. The vulnerability is an unsafe alloca which allows one to cross the gap between stack and libraries.

• Jul 31, 2019

  Unknocking write-up (CyBRICS CTF 2019 Quals)

  Unknocking was a networking task on CyBRICS CTF 2019 quals.

• Jun 24, 2019

  DevMaster 8000 and 8001 write-up (Google CTF 2019 Quals)

  DevMaster 8000 and DevMaster 8001 were sandbox challenges on Google CTF 2019 quals.

• Mar 27, 2019

  If on a winters night a traveler write-up (0CTF/TCTF Quals 2019)

  “If on a winters night a traveler” was a pwn task on 0CTF/TCTF Quals 2019. You have to pwn a custom buggy encryption algorithm for Vim.

• Mar 27, 2019

  refrain write-up (0CTF/TCTF Quals 2019)

  refrain was a misc task at 0CTF/TCTF Quals 2019 where you had to reconstruct input data from a program trace.

• May 14, 2018

  EC3 write-up (DEF CON CTF 2018 Quals)

  Elastic cloud compute (memory) corruption (or EC3 for short) was a binary pwn task on recent DEF CON CTF 2018 Quals.

• Dec 15, 2017

  slot machine write-up (Google CTF 2017 Finals)

  “slot machine” was a hardware task in the reverse-engineering category on Google CTF Finals 2017, which took place in Zurich back in October 2017.

• Nov 8, 2017

  2manypkts write-up (Nuit du Hack CTF Quals 2017)

  This task is a remote x86_64 binary (both binary and libc were provided), tagged as “pwn” and “network”. The goal is to exploit some vulnerability to gain remote code execution.