1. 33C3 CTF: Fun times

    pdfmaker (75 points)

    The first challenge I tried was pdfmaker. Surprisingly I spent way too much time on this simple starter challenge. I initially planned to use this challenge as a warm up but ended spending about 10 hours on it, mostly due to me overlooking simpler solutions that are …

    read more
  2. TUM CTF: boot2brainfuck

    According to the description, hxp provides us with a brainfuck (BF) execution service where we can send BF programs over netcat and execute them. To help, they provide us with a script that translated BF programs into a DOS, 16-bit COM executable.

    Now as a reminder, DOS COM executables are …

    read more
  3. AMD SEV attack surface: a tale of too much trust

    AMD recently announced the new Secure Encrypted Virtualization (SEV) extension that intends to protect virtual machines against compromised hypervisors/Virtual Machine Monitors (VMMs). An intended use-case of SEV is to protect a VM against a malicious cloud provider. All memory contents are encrypted and the cloud provider cannot recover any …

    read more
  4. AsiaCCS and China

    The last three weeks I've been traveling through China, Hong Kong, and Macau on an interesting security tour thanks to this year's AsiaCCS being held in Xi'an, China. AsiaCCS was right after Oakland, so I flew directly from San Francisco to Xi'an China and then continued to visit friends at …

    read more
  5. Trend Micro CTF: base64 (crypto 500)

    Due to other commitments I only had little time to play during this CTF and when I arrived on Saturday (the 2nd day of the competition) our b01lers were already hacking away and we were hovering somewhere around 100.

    For quite a while I looked trough some of the others …

    read more
  6. CSAW: sharpturn

    For this challenge we were given a corrupted git repository. We started by checking out the git repository (using git clone) and checking the consistency of the repository (using git fsck):

    Checking object directories: 100% (256/256), done.
    error: sha1 mismatch 354ebf392533dce06174f9c8c093036c138935f3
    error: 354ebf392533dce06174f9c8c093036c138935f3: object corrupt or missing
    error: sha1 …
    read more

« Page 3 / 8 »

links

social