I figured I’d try another VM from Vulnhub for a change. This is Lord of the Root v1.0.1.
CSAW 2015 - Pwn250
This CTF marked our team’s anniversary! We managed to pop this pwnable.
Ekoparty - Cry100
We’re given a public key and a encrypted flag, with the task to get the private key. I’m not very good at crypto challenges so I wanted to see if I could break this one and learn something in the process.
Ekoparty - Pwn200
Where on earth shall we begin? This one kept us busy for quite some time. The challenge gives no binary, just an address to connect to. Upon connecting, we get some kind of echo server. We quickly noticed a string format vulnerability:
CAMP CTF - Dkm
Writeup coming soon! For now, here’s the exploit.
CAMP CTF - Ropcalc
How could I resist a challenge called ropcalc?
CAMP CTF - Secret_File
In this case, we’re asked to retrieve a secret file and given.. another binary. What did you expect? ;-)
CAMP CTF - Hacker_Level
Easy 200 points.
CAMP CTF - Bitterman & Phobos
I rolled into the CampCTF while Swappage was already working on it. He had started on bitterman, a 400 point challenge.
CAMP CTF - Shell
shell was a pwnable from CAMP CTF. We’re given a 64-bit ELF binary, which shows the following when executed: