HacktheonSejong2024

PNG [Forensics]

less than 1 minute read

Fix PNG by file magic bytes

Back to Top ↑
WargamesMY2023

Pak Mat Burger [pwn]

4 minute read

Format string attack to leak information to perform buffer overflow on binary with stack protection + PIE.

Back to Top ↑
BOH2023

Vaccines [Pwn]

3 minute read

Pwning faulty implementation of strlen and atoi functions in Haskell.

M1 [Pwn]

5 minute read

Simple ARM64 Return-Oriented Programming (ROP).

Locker [Pwn]

5 minute read

Subtle integer underflow to hijack control flow.

Back to Top ↑
ACS2023

Note [Code Audit]

3 minute read

Dangling reference leading to Use-After-Free (UAF). Second code audit challenge for ACS 2023 finals.

Licrackense [Binary]

3 minute read

Light RE with z3 + heap overflow. From ACS 2023 finals.

Expr [Binary]

1 minute read

Solve for flag checker that uses multithreading for flag check routine.

Key In Haystack [Code Audit]

6 minute read

Absence of stack initialization and subtle vulnerability to leak secrets read onto the stack.

Back to Top ↑
SECCON2023

Optinimize [RE]

14 minute read

Reversing program wrote in nim-lang that uses the bigints library for big integer math.

Back to Top ↑
WargamesMY2022

When am I [OSINT]

3 minute read

Simple OSINT challenge for hololive fans.

Old Vault [RE]

8 minute read

Reverse engineering PS2 game program to find correct password.

Back to Top ↑
DiceCTF2022

Typed [RE]

10 minute read

Flag checker made with Rust’s trait implementations and the Rust compiler.

Back to Top ↑
STANDCON2021

Space Playwright [RE]

4 minute read

Reverse a program written in Shakespeare Programming Language (SPL). Second RE challenge in STANDCON2021.

Ancient Computing [Forensics]

5 minute read

Study and understand a very old file spreadsheet format (WK1 for Lotus 1-2-3), then retrieve data stored in a cell. First forensics challenge from STANDCON20...

Airlock Breakout [RE]

4 minute read

JavaScript flag checking functions solved using z3-solver. First RE challenge from STANDCON 2021.

Back to Top ↑
CDDC2021

Take Control [Pwn]

4 minute read

Simple Return Oriented Programming challenge. Second pwn challenge in CDDC2021.

POP IT [Pwn]

1 minute read

Python code injection attack on an echo server. Third pwn challenge in CDDC2021.

Back to Top ↑
Plaid2021

The Watness III [RE, Web]

17 minute read

Reverse engineer a WebGL game by reversing its fragment shader program. First RE and Web challenge from Plaid CTF 2021.

Back to Top ↑
CTFSG2021

What do the numbas mean? [RE]

6 minute read

Analyze python Intermediate Representation and recover the flag. First RE challenge from CTF.SG 2021.

Haachama cooking [RE]

3 minute read

A simple Golang binary reversing challenge with some AES. Second RE challenge from CTF.SG 2021.

Back to Top ↑
DSO-NUS2021

Login [Mobile]

4 minute read

Simple mobile reversing challenge (that doesn’t require much mobile knowledge XD). First mobile challenge from DSO-NUS 2021.

FlashyLighty [Mobile]

5 minute read

Mobile reversing challenge that uses time of execution to check for conditions. Third mobile challenge from DSO-NUS 2021.

Three Trials [RE]

5 minute read

Simple reversing challenge with some math. First RE challenge from DSO-NUS 2021.

Insecure [Pwn]

3 minute read

Exploit a program that changes user privilege to root with setuid() to escalate privilege. First pwn challenge from DSO-NUS 2021.

NyaVM [RE]

5 minute read

Read. Understand. Patch. Get flag. A cool challenge that requires patching binaries. Second RE challenge from DSO-NUS 2021.

Back to Top ↑
DiceCTF2021

Dice Is You [RE]

9 minute read

A wasm reversing challenge using closure compiler to simplify code, and z3 to solve for final solution.

Back to Top ↑