My personal blog, where I will post things that I find interesting. Mainly CTF writeups for now.

US Cyber Open 2022 - Too Many Houses - Heap wizardry to stack pivot to arbitrary ROP chain execution


All these talks of houses are starting to ruin the fun of the hunt, maybe you can do something about that

0.cloud.chals.io:20887

Author: lms

too_many_houses.tar.gz

Too Many Houses was a binary exploitation challenge in the US Cyber Open CTF in 2022, which is the first step toward qualification for the US Cyber Team. At the end of the CTF, it was worth 1000 points and had only 1 solve.…

US Cyber Open 2022 - Gibson - Stack overflow to RCE on s390x


Can you really call it a “main”frame if I haven’t used it before now?

Author: Research Innovations, Inc. (RII)

gibson_s390x.tar

Gibson was a binary exploitation challenge in the US Cyber Open CTF in 2022, which is the first step toward qualification for the US Cyber Team. At the end of the CTF, it was worth 1000 points and had 10 solves. I was the fourth solve on this challenge (could have been second if CTFd wasn’t glitching[1]😔).…

ImaginaryCTF 2021 - inkaphobia


Seems that random.org limits how much entropy you can use per day. So why not reuse entropy?

https://imaginaryctf.org/r/505D-inkaphobia

https://imaginaryctf.org/r/D39E-libc.so.6

nc chal.imaginaryctf.org 42008

tl;dr

Leak stack using leaks in random number generation, use format string to write to the return address and ret2libc.

solving

Well, we got a binary, a libc, and a netcat connection. Upon running the binary, we see that it lets us “generate” 6 random numbers, and then asks for our name.…