Spellbook - HackTheBox University
Write-Up of Spellbook from HackTheBox University CTF. This is a heap challenge on libc 2.23 involving fastbins.…
Locked - 4/4 - InterIUT2022
Introduction I attended the CTF InterIUT, where I placed 2nd with my team. Here is a write up of the last Forensic challenge (which in fact was a reversing challenge), which I've been the only one to solve. At the beginning, the executable wasn't present in the initial statement, but…
Rhopla - InterIUT2022
Initial Statement The goal of this challenge is simple. Gain an access over the server using a vulnerability in the software. Although this is a quite typical exploitation, there was only two solves on this challenge. Analysis First thing to do with this kind of challenge is execute the file…
Avatar Generator - FCSC 2022
Initial Statement Not much information on what we have to do, let's inspect the application. Introduction Here is how the application looks. Basically we can see a seed, and two colours. We can generate a new avatar and share it on twitter. We can also see we can contact the…
MC Players - FCSC 2022
Initial Statement We have a web server using the MC Status library and we have the source code of the application. Introduction First thing to do with that kind of web challenge is read the source code to better understand the technologies and spot the vulnerabilities. Source code analysis Here…
TV23 - MidnightFlag
Énoncé TV23 - 500 points Auteur: SpawnZii Solution Note: J'ai rejoué ce chall en local après le CTF pour écrire le Write Up Merci à Spawnzii pour les sources ! En arrivant sur le challenge, on ne voit qu'une page de configuration par défaut apache. On check évidemment les fichiers classiques,…
Bien plus qu'une simple Galerie - MidnightFlag
Énoncé Bien plus qu'une simple Galerie - 500 points Auteur: 0xSysRell Solution Note: j'ai rejoué ce chall sur un docker en local après le ctf pour faire le write up. Merci à 0xSysRell pour les sources :) En arrivant sur le site web, nous pouvons voir une galerie de photo de…
CTF Inter IUT - Simple
Simple - 50 points Introduction This challenge was the first pwn challenge of the CTF. Statement: Récupérez le contenu du fichier flag.txt situé sur le serveur simple.interiut.ctf en ssh avec l'utilisateur chall et le mot de passe chall. Get the content of the flag.txt file on…