Everything about security


March 2018

[Angstrom CTF 2018] Hellcode Write-up (Pwn200)

This program will execute any arbitrary code you give it! Well, almost any — it prohibits syscalls, and only gives you 16 bytes of space. These incredible security features were added at the last minute to ensure nobody can read… Continue Reading →

[Angstrom CTF 2018] File Storer Write-up (Web160)

My friend made a file storage website that he says is super secure. Can you prove him wrong and get the admin password? After we sign up and login, the website allows us to upload files from URLs. At first,… Continue Reading →

[Angstrom CTF 2018] Product Key Write-up (Reverse200)

Artemis wants a copy of Windows, but she doesn’t feel like paying for it. She decided to hack Microsoft’s servers to generate a product key, and found their verification software, which runs on Linux for some reason. Can you get… Continue Reading →

[Angstrom CTF 2018] The Best Website Write-up (Web230)

I have created what I believe to be the best website ever. Or maybe it’s just really boring. I don’t know. After checking the source code of the page, I noticed the following comment:

Then, I decided to check… Continue Reading →

[Angstrom CTF 2018] Rop to the Top Write-up (Pwn120)

Rop, rop, rop Rop to the top! Slip and slide and ride that rhythm… Here’s some binary and source. Navigate to /problems/roptothetop/ on the shell server to try your exploit out! Let’s analyze the file first.

The file is… Continue Reading →

[Angstrom CTF 2018] OFB Write-up (Crypto120)

defund made a simple OFB cipher, if you can even call it that. Here’s the source and the encrypted flag. Let’s look at the encryption script first.

First, it reads the flag.png and if the total number of bytes… Continue Reading →

Copyright © 2020 PwnDiary