staring into /dev/null

barrebas

PicoCTF - Fancy Cache

Fancy Cache was another “Master Challenge” for PicoCTF. It featured a custom server, which allegedly creates a cache of strings. It’s up to us to break it!

PicoCTF - Hardcore ROP

Our team, vulnhub-ctf, joined PicoCTF to improve our skills and learn a thing or two. There were many challenges, among which a few “Master Challenges” worth 200 points. This is a story of how we tackled hardcore_rop. The challenge promises ASLR, NX, PIE and what-have-you, so let’s get cracking!

PicoCTF Write-Ups

We managed to grab all of the PicoCTF flags and we ended with a 6105 point total score! Here are writeups of bitpuzzle, crudecrypt, low_entropy, makeaface, massive_fail, netsino, nevernote, no_overflow, obfuscation and web-interception. Lots of binary exploitation, reverse engineering and even some crypto!

Defcamp CTF: Network 200

This writeup is about Defcamp CTF’s Network 200. Again, we get a clue!

That ****ing manager got smarter. He moved to house number 22, but we got this: ****managers.pcap

Defcamp CTF: Web 300

We are again given an IP address. Upon visiting, it turns out to be some rudimentary page. I immediately spotted an LFI vulnerability, surfing to http://10.13.37.13/?page=../../../../../../etc/passwd.

Defcamp CTF: Network 100

For this challenge, we’re given the following clue:

My manager lives at 10.13.37.21. Any guest is always welcome. But he has a secret. Can you find it out?

A secret? Let’s dig in!

ASIS-CTF: Secure Hobby

For Secure Hobby, a 250 point challenge, we were given a file and a place to connect to. The archive contained a binary, which looked okay enough to run. It opened a port on localhost. Upon connecting using nc, the program first crashes because it can’t find flag and namak. After creating those files and connecting again, we are presented with the following:

ASIS-CTF: Lottery

Lottery was a 100 point web challenge in the ASIS Finals CTF. The description only said ‘Go here: http://asis-ctf.ir:12437’. That webpage was mostly non-functional, but said that the 1234567890th visitor would win a prize. Gee, I wonder what that is? My browser informed me that there were no cookies, but I wasn’t convinced.

Hack.lu the Union Write-up

Hack.lu 2014 was a very fun, western-themed CTF. For the Union, we were given an executable and a place to connect to. We need to find secret.txt and the hint is that “not everything is what it seems”. Uh-huh.