[PatriotCTF'23] Guessinggame
Guessing Game Description No one seems to be able to guess my favorite animal… Can you?
You can download the source file here
Decompilation First, let’s disassemble the file and have a look inside.
At first glance, it seems like the correct answer is Giraffe. However, if we continue reading, we see that no matter what input we give, it will always reject our input 馃槩
Solution In the decompilation output above, we can see that the program is using gets to retrieve user input.
[PatriotCTF'23] Rouge Access Point
Patriot CTF: Rouge Access Point This was an OSINT challenge where we had to find the SSID of an access point, given the BSSID.
The Challenge We've received a notice from our companies EDR software that a laptop was attacked while they were on WFH. The employee says they were at home when it happened, but we suspect they were using public wifi. Our EDR software managed to capture the BSSID of the wifi (46:D1:FA:63:BC:66) network before it got disconnected, but not the SSID.
[PatriotCTF'23] Unsupported Format
Patriot CTF: Unsupported Format This was an image fixing forensics challenge, where they gave a corrupted image file. The point was to fix the image and retrieve the flag.
The Challenge My friend sent me a picture of his brand new computer, but something strange happened to it and now it says "Unsupported Format" when I try to open it. Can you try to help me recover the image? Trying to open the attached challenge image file would result in something like this:
[DuCTF'23] Faraday
DUCTF'23: Faraday This was a pretty interesting OSINT challenge which made use of GSMA’s Location API, to determine a target’s location using their phone number. It verifies if the device location is within a requested area based on their network activity (cell tower triangulation, GPS and Wi-Fi hotspot data)
The Challenge faraday | 100 | medium | 359 Solves We've been trying to follow our target Faraday but we don't know where he is.
[DuCTF'23] Actually Proxed
Actually Proxed This post is a continuation of the previous proxed challenge. If you haven’t read the writeup for it, I strongly suggest reading up on it here before reading this post!
Description Still cool haxxorz only!!! Except this time I added in a reverse proxy for extra security. Nginx and the standard library proxy are waaaayyy too slow (amateurs). So I wrote my own :D
The source code can be downloaded here.