I participated in a very nice CTF over the weekend as a member of team Weak But Leet. The challenges were a good mix of ciphers, reverse-engineering and some unique challenges. We scored 4920 points and were placed 10th. We also scored a first blood on one challenge. This CTF was more of a ‘puzzle-solving’ type CTF, rather than a purely security-centric one. Had a good mix of ciphers. And more importantly, the puzzles were constructed to be engaging and not be too guessy. ...
Checked out some challenges in JerseyCTF ...
Being constrained for time this weekend, I was able to tackle only one or two challenges in NCSU’s HackPack 2023. There was an interesting binary challenge that I used to learn more about Angr. Solved a challenge that was a tongue-in-cheek attempt at mimicking the LLM/ChatBot craze. ...
Bucket CTF - April 2023 I had a fantastic time playing in this CTF as part of team Weak But Leet. We scored 15939 points and were placed in the second place after some great last minute heroics. I mainly worked on MISC, REV and CRYPTO challenges. My team mates are way too fast on the PWN and WEB challs. ...
1nj3ct0r Standard USB HID capture in the pcapng. Look for usbcap.data where usb_datalen==2 and translate. Quick Heal Pieces of QRcode all over the video. Step through with VLC and capture the frames. Resize and assemble with Gimp. Gives half a flag. ffmpeg to extract audio. Open in audacity and view spectrogram. Gives morse code that will give second half of the flag. Mystery of Oakville Town Steghide on the photo -> gives license plate of escape vehicle....
A couple of interesting challenges I solved in HTB CTF. ...
Markdown Syntax test page
Garys Sauce - Writeup Created Sunday 01 May 2022 simulation/flag_tb.v flag_capture fc(.clk(clk), .rst(rst), .BTNL(BTNL), .SW(SW), .disp(disp)); The workhorse is the main loop that takes the last character (8 bits) of the flag, sets the signals (SW) based on their binary values. These signals are bound to the SW variables for the flag_capture function. That is where we need to look next. reg [7:0] mask = 8'b11111111; initial begin SW = 16'b0000000000000000; BTNL = 1'b0; for (i=1; i <= 38; i=i+1) begin SW = flag & mask; #20; BTNL = 1'b1; #20; BTNL = 1'b0; #40; // The flag is processed from the back, and shifted right by 1 char flag = flag >> 8; end end src/flag_capture....