I figured I’d try another VM from Vulnhub for a change. This is Lord of the Root v1.0.1.

This CTF marked our team’s anniversary! We managed to pop this pwnable.

We’re given a public key and a encrypted flag, with the task to get the private key. I’m not very good at crypto challenges so I wanted to see if I could break this one and learn something in the process.

Where on earth shall we begin? This one kept us busy for quite some time. The challenge gives no binary, just an address to connect to. Upon connecting, we get some kind of echo server. We quickly noticed a string format vulnerability:

Writeup coming soon! For now, here’s the exploit.

How could I resist a challenge called ropcalc?

In this case, we’re asked to retrieve a secret file and given.. another binary. What did you expect? ;-)

Easy 200 points.

I rolled into the CampCTF while Swappage was already working on it. He had started on bitterman, a 400 point challenge.

shell was a pwnable from CAMP CTF. We’re given a 64-bit ELF binary, which shows the following when executed: