Really quick writeup while I remember. The clue consists of a pcap only. The pcap contains USB packet captures. We identify the type of USB device by using the vendor ID and the product ID which are announced in one of the types of USB packets. root@kali:~/google/for/for2# tshark -r usb.pcap -T fields -e usb.bus_id -e usb.device_address -e usb.idVendor -e usb.idProduct…

Here's something new for my blog. I finally tackled a mobile challenge. In the past I basically ignored them or at most, decompiled them to Java source and did a little fiddling. No way, not anymore, time to tackle one! There is no clue really, just the APK named illintentions.apk. We download and do all the normal APK style things…

VolgaCTF stepped up the difficulty this year over last year. Good stuff! Too bad they decided not to use IRC because they probably could've done a better job communicating. There were a lot of server issues and the programming (PPC) challenges were built to require way too many rounds. Tic-tac-toe was 2,000 rounds to begin with but it was quickly…

What a fun challenge. I've heard of some very simple solutions after I solved it but I'm fairly certain this way is the intended solution. We're given a server we can connect to (after solving a proof of work) that just drops us at a bash command prompt. There's very little to the clue, in fact, no text, just a…

Who doesn't love Pizza? Well actually I can't stand cheese but whatever, this challenge was fun but also quite easy. I started with standard recon, looking for low hanging fruit. I stumbled across the "blog" subsection of the website where there was a hint of a possible test point. Not usually thinking this would lead to too much, I asked…

Sorry but this challenge was not solved by me during the competition but afterwards I came to know the solution by way of IRC and wanted to document it in case I forget. It was only worth 2 points but was solved by very few teams during the competition. Normally I don't let this bug me but I missed these…

BKP for 2016 is over, fantastic CTF and this year they stepped it up with the difficulty and quality of challenges. BKP last year was the first CTF I've ever done so revisting BKP felt very sentimental for me. I liked the look of this challenge when it was posted during the CTF because I love me some RSA attacks.…

Close