Writeups | Status 418

HTB University CTF 2024: Binary Badlands

Alphascii Testing

Crypto

In this problem we are given the source code to a server to be accessed using `netcat`. In this server we have three options: login, register, and exit. The server claims to be using `MD5` to secure the credentials and that they are sure this is very secure. Any option passed to the server needs to...

HTB University CTF 2024: Binary Badlands

Reconstruction

Pwn

The problem give us a 64-bit ELF executable with PIE enable that prompt us to enter certain inputs to exploit the logic of the program to give us the flag. ### Gathering info: Checksec the executable give us: [...] Even though the program is PIE enable, it won't affect us as we will see later on.

HTB University CTF 2024: Binary Badlands

Security In The Front

Reverse

The problem gives us a single `index.html` file. If rendered, it has a login form asking for a guard name and an access code. By analyzing the code for the page, we will notice that the validation of the login credentials are handled in JavaScript directly on the client. The function...

HTB University CTF 2024: Binary Badlands

Armaxis

Web

The problem gives you access to two services: the Armaxis portal, and an email app. The email app states that your email address is `test@email.htb`, meaning that it will display emails sent to that address. The Armaxis portal contains only a login form with the option to register to the service.

World Wide CTF 2024

Too Hidden

Forensics

The problem provides us with a .pcap file for analysis. It expects us to find a flag hidden in it. The flag is not directly accessible in the `.pcap`. The only thing available is a trace of `echo` requests from one host to the server. The only difference between each one of the requests is a single...