Two easy problems from GrimmCon CTF

Competition Info https://grimmcon.ctf.games The website seems permanent down. Fruitify (Web) Description Come grab a tasty freshly made juice, they are delicious Solution Based on the title, I originally thought it's gonna be MongoDB as mango sounds similar to mongo and is a fruit. I clicked around and did not find much, so I clicked the … Continue reading Two easy problems from GrimmCon CTF

Pico Mini CTF 2020 Writeup

This will be the write up for 3 out of 5 problems in the recently concluded Picomini CTF 2020. 'Web Gauntlet' from Web category, 'OPT' from Reverse category, and 'Guessing Game 1' from Binary Exploitation category. Web Gauntlet (Web) Challenge Description Can you beat the filters? Log in as admin http://jupiter.challenges.picoctf.org:29164/ http://jupiter.challenges.picoctf.org:29164/filter.php Hints: You are … Continue reading Pico Mini CTF 2020 Writeup

OverTheWire Natas Write-Up (Part 3)

Introduction Natas is a web challenge series from OverTheWire. https://overthewire.org/wargames/natas/ User needs to get password to advance to next level. The password file is located in /etc/natas_webpass directory, only the correspond user can read the current and next level's password. This write up will show the necessary steps to get password. Natas 18 Source: <html> … Continue reading OverTheWire Natas Write-Up (Part 3)

OverTheWire Natas Write-Up (Part 2)

Introduction Natas is a web challenge series from OverTheWire. https://overthewire.org/wargames/natas/ User needs to get password to advance to next level. The password file is located in /etc/natas_webpass directory, only the correspond user can read the current and next level's password. This write up will show the necessary steps to get password. Natas 10 They say … Continue reading OverTheWire Natas Write-Up (Part 2)

OverTheWire Natas Write-up (Part 1)

Introduction Natas is a web challenge series from OverTheWire. https://overthewire.org/wargames/natas/ User needs to get password to advance to next level. The password file is located in /etc/natas_webpass directory, only the correspond user can read the current and next level's password. This write up will show the necessary steps to get password. Natas 0 Check source … Continue reading OverTheWire Natas Write-up (Part 1)

CSAWCTF 2020 Qualification Round Writeup

widthless (Web) Challenge Description Welcome to web! Let's start off with something kinda funky 🙂 http://web.chal.csaw.io:5018 Solution First, go to the actual website. Nothing looks special, next I checked source-code and found there is a comment saying something about "zwsp". After some researching, "zwsp" stands for "Zero-Width-Space", essentially some unicode characters which do not appear … Continue reading CSAWCTF 2020 Qualification Round Writeup