The hxp CTF happens every year along with the Chaos Communication Congress (a top security conference). This year was the 36th edition. This CTF is a major CTF, you know this when the CTF has a rating weight of 63.0 on CTFTime. Also, it is one of the qualifier events of DEFCON 2020 CTF.
I was playing solo on this one and gave one day to this CTF. I managed to solve 2 problems in the main CTF and 2 in the Junior CTF.
This was a very fun CTF. Kudos to the organizers. I loved the problems, very interesting as well as challenging. I played this CTF with my team, Abs0lut3Pwn4g3. Our final rank was 54th.
Rev Challeneges Timeout File: timeout
The binary is unstripped, so we can easily see the main function. The disassembly looks something like this.
The functions, signal, alarm and delay all serve the same purpose, basically to either exit the program or delay its execution for a long time.
I couldn’t give much time to the CTF because of some college work, but I gave a shot at the PWN challenges. The challenges became offline later but I still decided to work on the exploit scripts to make them work locally.
Pwn Challenges thefirst - 379 pts We can see in the image below that gets is being used to take the input. Hence it can be exploited for buffer overflow.
Perform medical image classification in a secure and privacy-preserving manner using Secure Multiparty Computation and Differential Privacy
A bit late for writeups, but still here are the solutions to the challenges I solved during the CTF. The CTF was from 15 Nov. 2019, 22:30 IST — Mon, 18 Nov. 2019, 10:30 IST. It was a decent CTF with quality challenges, from both beginner to advanced level.
Update: The scripts to solve and the flags are present in this repo.
I’ll do the writeups category-wise -
Crypto pre-legend — 100 pts
The Capture the Flag event for Codefest’19 was hosted from 8 pm, 23rd August 2019 to 12 noon, 24th August 2019 on Hackerrank.
The contest link can be found here. There were a total of 1532 registrations and 518 people who were successful in solving atleast one challenge.
So, onto the writeups.
Welcome to Codefest 19! (Intro Challenge — 100pts) This was the introductory challenge. I had tried to make it a bit difficult than the normal introductory challenges, but I felt that it proved to be a bit difficult for the beginners.
A study on fooling Machine Learning/Deep Learning based Network Intrusion Detection systems to prevent them from detecting intrusions
Implemented various papers on Linux Malware detection, where I analysed the structure of ELF files to determine whether they were malicious or benign. Approaches included the analysis of -
Symbol Table Opcode frequency ELF file metadata
These are the writeups to the problems I solved during the AngstromCTF.
MISC 1. Waldo1
We are given a zip file — flags.zip containing flags of countries. The file flag5.png, we see on opening has the flag.
Flag-Waldo1
2. Waldo2
In this problem, we are given multiple flag images in a folder. Judging by the problem, it seems that one image is different.
These are the writeups of the problems I solved over the weekend for the NeverLAN CTF 2018.