Collection of scripts and writeups

Overview

ctf-writeups

Tree

0ctf-quals-2017

  • EasiestPrintf (pwn 150pts)
  • char (pwn 132pts)
  • diethard (pwn 183pts)
  • pages (pwn 647pts)
  • uploadcenter (pwn 523pts)

0ctf-quals-2018

  • MathGame (misc 343pts)
  • MightyDragon (pwn 1000pts)
  • babystack (pwn 132pts)
  • hidden_message (misc 36pts)

0ctf-quals-2019

  • applepie (pwn 785pts)
  • calvino (pwn 234pts)
  • Elements (rev 107pts)
  • fixed_point (rev 275pts)
  • flropyd (misc 366pts)

34c3ctf-2017

  • LFA (pwn 401pts)
  • software_update (crypto 182pts)

asis-final-2017

  • Cute V8 (rev 138pts)
  • Dr. John Waston (pwn 273pts)
  • Enrage Me (rev 322pts)
  • Handicraft RSA (crypto 138pts)
  • Jim Moriarty (pwn 367pts)
  • Molly Hooper (pwn 343pts)
  • Mycroft Holmes (pwn 131pts)

asis-quals-2018

  • Cat (pwn 68pts)
  • Density (rev 148pts)
  • My Blog (pwn 147pts)
  • The true origin (rev/crypto 394pts)

codeblue-2017

  • nonamestill (pwn 447pts)
  • Demo Scene DB (pwn 479pts)

codegate-quals-2017

  • dartmaster (pwn)
  • hunting (pwn 350pts)
  • meow (pwn 365pts)
  • messenger (pwn 205pts)
  • pngparser (pwn 435pts)

codegate-quals-2018

  • 7amebox1 (pwn 843pts)
  • super_ftp (pwn 600pts)
  • zoo (pwn 980pts)

codegate-quals-2019

  • archiver (pwn 47.6pts)

defcon-quals-2018

  • It's-a me! (pwn 124pts)
  • shellql (shellcode, web 118pts)
  • TechSupport (pwn 177pts)

defcon-quals-2019

  • election_coin (pwn, reverse 271pts)
  • hotel-california (shellcoding 187pts)
  • shitorrent (pwn 162pts)
  • speedrun
    • 11 (shellcoding)
    • 12 (pwn)
  • veryandroidoso (android, reverse 139pts)

dragonctf-teaser-2018

  • faststorage (pwn 400pts)
  • production (pwn 343pts)

fbctf-2019

  • asciishop (pwn 985pts)
  • imageprot (rev 100pts)
  • kpets (pwn 940pts)
  • nomoreseacrypt (rev 985pts)
  • otp_server (pwn 410pts)
  • overfloat (pwn 100pts)
  • raddest_db (pwn 998pts)
  • rank (pwn 494pts)

google-ctf-quals-2017

google-ctf-quals-2018

  • APT42 (rev 288pts + pwn 420pts)
  • better_zip (crypto 231pts)
  • keygenme (rev 249pts)
  • sandbox-compat (pwn 420pts)
  • sftp (pwn 181pts)

hitcon-quals-2017

These challenges are created by me so there're scripts for creating them.

  • artifact (pwn 192pts)
  • real-ruby-escaping (pwn 327pts)
  • seccomp (rev 271pts)
  • two (misc 274pts)
  • footbook (web 384pts)
  • sakura (rev 218pts)
  • start (pwn 132pts)
  • void (rev 252pts)

hitcon-2018

These challenges are created by me so there're scripts for creating them.

  • EOP (rev 257pts)
  • abyss (pwn 230 + 292 + 262pts)
  • groot (pwn 305pts)
  • HITCON (pwn 327pts)
  • unexecutable (misc, pwn 360pts)

hitcon-quals-2019

These challenges are created by me so there're scripts for creating them.

  • PoE (pwn 284 + 500 + 500pts)
  • Welcome (welcome 50pts)
  • Revenge of Welcome (misc 105pts)
  • Suicune (rev 305pts)
  • heXDump (misc 202pts)

hitcon-2020

These challenges are created by me so there're scripts for creating them.

  • Revenge of Pwn (misc, pwn 255pts)
  • Tenet (misc, rev 222pts)
  • spark (pwn 334pts)
  • atoms (misc, pwn 296pts)
  • SOP (rev 305pts)
  • 11011001 (rev 255pts)

hitcon-2021

These challenges are created by me so there're scripts for creating them.

  • cclemon (reverse 271pts)
  • chaos-firmware ([crypto|pwn]+ 334pts)
  • chaos-kernel ([crypto|pwn]+ 421pts)
  • chaos-sandbox ([crypto|pwn]+ 450pts)
  • dtb (misc, pwn 450pts)
  • dtcaas (pwn 450pts)
  • mercy (reverse 305pts)
  • uml (pwn 265pts)

meepwnctf-2018

  • Coin (pwn 960pts)
    • simple writeup in the directory
  • ESOR (crypto 100pts)

plaidctf-2017

  • bb8 (crypto 200pts)
  • bigpicture (pwn 200pts)
  • Plaid Party Planning (pwn 400pts)

plaidctf-2018

  • potassium (pwn 400 + 150 + 250pts)
  • Re: Plaid Party Planning (misc 200pts)

plaidctf-2019

  • splaid-birch (pwn 300pts)
  • splaid-cypress (crypto 600pts)
  • suffarring (pwn 500pts)

rctf-2017

  • RCalc (pwn 350pts)
  • RNote (pwn 454pts)
  • RNote2 (pwn 606pts)
  • crackme (rev 714pts)

realworld-ctf-finals-2018

  • frawler (pwn 500pts)

realworld-ctf-quals-2019

  • Across the Great Wall (pwn 378pts)
  • anti-antivirus (pwn 290pts)
  • faX senDeR (pwn 224pts)

teaser-confidence-quals-2019

  • go-machine (rev 304pts)
  • oldschool (rev 128pts)
  • p4fmt (pwn 304pts)
  • pudliszki (rev 128pts)

twctf-2017

  • Steganographer Revenge (rev 500pts)

twctf-2018

  • EscapeMe (pwn 240 + 300 + 300pts)
  • REVersiNG (rev 447pts)

twctf-2019

  • MultiHeap (pwn 270pts)
  • SecureKarte (pwn 255pts)
  • simple_logic (crypto 95pts)

whitehat-grand-prix-2016

Issues
  • a question about footbook

    a question about footbook

    do port forwarding and use http://127.0.0.1:3000 for connection
    

    does it mean:I bind my local port 3000 to request this service??? I see the js use "location.host" to judge and the OAuth of dropbox can't use http unless host is local so should use a vulnerability to proxy???

    opened by rebirthwyw 5
  • A little question about hitcon 2018 abyss

    A little question about hitcon 2018 abyss

    Thanks 4 the great challenge! Learning a lot from it, still researching a little. But I found that for abyss 3rd level, you've used ioctl as a solution. Since there's already open, write and lseek in the kvm, can't we just open, lseek and write to /proc/self/mem? I want to make sure that if it is told during the game that remote server has no /proc/self/mem accessible, thanks.

    opened by Escapingbug 2
Owner
david942j
david942j @ 217
david942j
Learn how to connect your Flexispot (LoctekMotion) desk to the internet. This repository contains a collection of scripts to get your started, combined with research and instructions.

(image source: Windows Central) Turn your LoctekMotion/FlexiSpot desk into a smart desk Recently I acquired a new standing desk from FlexiSpot. During

Mick Vleeshouwer 158 Jul 27, 2022
A collection of scripts written in many different programming languages and each developed independently to perform very specific tasks (big or small)

Script Collection A collection of scripts written in many different programming languages and each developed independently to perform very specific ta

Giovanni Rebouças 5 Aug 31, 2021
A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in conjunction with these exploits.

This repository contains a personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to

null 75 Jul 2, 2022
PHP Encoder, protect PHP scripts in PHP 8 and PHP 7, High Performance, Compitable with X86_64, MIPS, ARM platform and Ubuntu/Centos/OpenWRT system.

What's FRICC2? FRICC2 is a PHP Script encryption tool. When you are developing a commercial software using PHP, the script can be distributed as encry

Hoowa Sun 31 Jun 30, 2022
emily - GNU/Linux applications and scripts launcher.

emily emily - GNU/Linux applications and scripts launcher. For What? Firstly emily has been maden as a replacement for i3-dmenu, because i don't like

null 1 May 13, 2022
Tooling and Scripts for Hacking Super Street Fighter II Cabinets

sf-cabinet Tools and utilities for modifying SF2 Cabinets What This repository contains research and tooling around the mini Street Fighter 2 cabinet

wrongbaud 12 Apr 14, 2022
Coleção de scripts para Linux que fornecem um Wallpaper dinâmico que muda com o tempo

DayPaper Solução básica de wallpaper dinâmico para Linux Introdução A maioria das engines de wallpapers animados são focadas em gifs, vídeos e slides

Talkys 3 Nov 25, 2021
This project contains three scripts to help working with the steam-runtime, especially outside of Steam.

This project contains three scripts to help working with the steam-runtime, especially outside of Steam. See these blog posts for more details: steam-

Jørgen P. Tjernø 11 Oct 22, 2021
Conjunto de scripts para treinar um Sistema de Recomendação Híbrido baseado nos algoritmos do scikit-learn

hybrid-rs-trainner Treine suas engines de recomendação with zero code! :) Sumário Sistemas de Recomendação Collaborative Filtering Content-Based Filte

Senior Sistemas SA 11 Jan 24, 2022
Scripts to help create QUIC version test vectors in RFC 9001 format.

quic-test-vector Scripts to help create QUIC version test vectors in RFC 9001 format. Just type 'make all' to build everything. There are two tools he

null 2 Jan 21, 2022
A utility to compile IW engine legacy UI scripts.

MENU Tool A utility to compile IW engine legacy UI scripts. Supported Games IW5 (Call of Duty: Modern Warfare 3) Usage ./menu-tool.exe <path> Disclaim

Xenxo Espasandín 2 Jan 31, 2022
RIAT is a free script compiler for Halo: Combat Evolved scripts

Rat In a Tube RIAT is a free script compiler for Halo: Combat Evolved scripts. To compile, you will need: CMake 3.14 or newer Python 3 or newer C11 co

Snowy 3 May 12, 2022
A collection of code snippets and examples showing syntax and capabilities of VEX language inside SideFX Houdini

VEX tutorial A collection of code snippets and examples showing syntax and capabilities of VEX language inside SideFX Houdini by Juraj Tomori How to u

Juraj Tomori 587 Jul 27, 2022
SilentPatch for Yakuza Remastered Collection (Yakuza 3, 4 and 5)

Yakuza Remastered Collection is a collection consisting of Yakuza 3, Yakuza 4, and Yakuza 5, released on PC in January 2021. At the time of writing this, the games have several issues, one of them being high CPU usage. Since currently no official patches have been released yet, this patch aims to resolve those issues in Yakuza 3 and Yakuza 4 (Yakuza 5 might come later).

Silent 20 May 7, 2022
sbase is a collection of unix tools that are inherently portable across UNIX and UNIX-like systems.

sbase is a collection of unix tools that are inherently portable across UNIX and UNIX-like systems.

Anton Samokhvalov 1 Nov 1, 2021
A collection of academic and personal projects demonstrating my proficiency in programming.

Best-README-Template An awesome README template to jumpstart your projects! Explore the docs » View Demo · Report Bug · Request Feature Table of Conte

Kevyn Higbee 1 Nov 18, 2021
"SaferCPlusPlus" is essentially a collection of safe data types intended to facilitate memory and data race safe C++ programming

A collection of safe data types that are compatible with, and can substitute for, common unsafe native c++ types.

null 315 Jul 13, 2022
Collection of DSA problems and solutions

Hi HACKTOBERFEST 2021 IS HERE ‼️ ‼️ ‼️ ?? What is Hacktoberfest ? ♦️ Hacktoberfest is a month-long challenge. It happens every year in the month of Oc

Arnab Chatterjee 15 Dec 1, 2021
An open collection of tools and experiments for rendering wide-gamut scene-linear data into an image for an SDR or HDR display device.

Open Display Transform An open collection of tools and experiments for rendering wide-gamut scene-linear data into an image for an SDR or HDR display

Jed Smith 121 Aug 8, 2022