Category Archives Write-Ups

First part of a long series of well thought out challenges in the RHme2 CTF. This one was the "introduction" one but it was tricky and certainly worth the 400 points I feel. Here's my approach which I believe is different to how some others solved it. First, the clue: A senior technical manager of a fridge manufacturer demanded the…

Riscure RHme2 is finally over! What a marathon CTF. I actually spent a tonne of time on this CTF over the past few months, mainly because I had never looked at embedded hardware systems in the past. So I had to gain my skills from never having even used Arduino to performing side channel analysis and fault injection, reverse engineering…

Quick challenge for a quick 250 points. So hopefully a quick writeup! Here's the clue: Our guy inside e-corp was able to get that packet capture of their backend PKI you asked for. Unfortunately it seems they're using TLS to protect the modulus fetch. Now, I have been told that the best crackers in the world can do this in…

HackIM time again. This year seemed slightly better organized than last year. Some nice challenges. I don't think this challenge was worth 350 points but I'll document my solution anyway in sort of a "what not to do" when making a crypto challenge. Here's the clue including the image they gave as a description: Breaking Bad Key Exchange Hint 1…

Cool challenge that I've wanted a reason to solve for a while because I always miss these in CTFs of the past (Tokyo Westerners CTF had a good, harder one previously). The clue we're given is a LSB Oracle. It contains a python script and a PE32 Windows executable. At first glance you're thinking, a local Windows binary oracle? Just…

Very unimaginativly entitled challenge with a lot of hints should have been pretty straightforward. And yeah it was pretty much so a very quick writeup this time. The clue was: Memory Analysis 100 points Find the website that the fake svchost is accessing. You can get the flag if you access the website!! memoryanalysis.zip The challenge files are huge, please…

Wasn't able to login to this CTF until about 3 hours before it was over. So we got what we could solved in that time. This challenge was fun and I'll go through my solution very fast. Firstly here's the clue: Please find Cthulhu's magic here. Attachment: server.rb When you visit the link you don't get much except for a…

Quick writeup for this one so I remember it for later. Although this CTF ran all week, we sorta need that, since it took about a day for the challenge GUI to load every time you clicked something. Ugh. Anyways, this was an interesting challenge because it appeared very simple but I wasn't immediately solving it using quick tricks. Anyway…

Close