These are CTF-style challenges I’ve made. Hope you enjoy them ✌
Tip: As with reading a book, don’t read the last pages first. Enjoy them for at least a day before checking the writeup/solution. I’ve put a lot of work into each one.
I’m going to describe my highlight challenges, the ones I like most, and point out what is interesting about them.

| Name | Language | Summary | Rating | Level | Described yet? |
| --- | --- | --- | --- | --- | --- |
| prisonbreakseason2 | Python | Python Jail | ⭐⭐⭐⭐ | 💀💀💀 | ✔️ |
| XYZBANK | PHP | MySQL type casting | ⭐⭐ | 💀💀 | ✔️ |
| XYZTemplate | PHP/Javascript | Javascript/XSS | ⭐⭐ | 💀💀 | |
| cryptowww | PHP | Hash extension / urldecode trick, HTTP Parameter Pollution | ⭐⭐ | 💀💀 | ✔️ |
| curl_story_part_1 | PHP | SSRF /w CRLF Injection (it was 0day) | ⭐⭐⭐⭐ | 💀💀 | ✔️ |
| luckygame | PHP | MySQLi /w session variable + php type juggling | ⭐⭐⭐⭐ | 💀💀💀 | ✔️ |
| simplehttp | Ruby | Ruby RCE /w `WEBrick::Log.new` | ⭐⭐⭐⭐ | 💀💀💀 | ✔️ |
| tower4 | Python | Format injection | ⭐⭐⭐⭐ | 💀💀 | ✔️ |
| lixi | PHP | PHP syntax trick | ⭐⭐⭐ | 💀💀 | ✔️ |
| LoginMe | NodeJS | RegExp injection, MongoDB | ⭐⭐⭐ | 💀 | ✔️ |
| h4x0rs.club | PHP/JS | CSP `strict-dynamic`, XSS, iframe in the middle, postMessage to top | ⭐⭐⭐⭐ | 💀💀💀 | ✔️ |
| h4x0rs.space | PHP/JS | CSP, Persistent XSS, AppCache, ServiceWorker | ⭐⭐⭐⭐ | 💀💀💀 | ✔️ |
| h4x0rs.date | PHP/JS | CSP, cache, `<meta>` Referrer override | ⭐⭐⭐ | 💀💀 | ✔️ |

| Name | Summary | Rating | Level | Described yet? |
| --- | --- | --- | --- | --- |
| anotherarena | Heap on another `main_arena` (threads) | ⭐⭐⭐ | 💀 | ✔️ |
| c0ffee | Race condition, with 1-byte overwrite, nearly impossible to exploit | ⭐⭐⭐⭐ | 💀💀💀 | |
| pokedex | Uninitialized memory -> Heap overflow | ⭐⭐⭐ | 💀💀 | ✔️ |
| rapgenius | Uninitialized memory -> Use-After-Free + `_IO_FILE` abusing (`_IO_read_*` && `_IO_write_*`) | ⭐⭐⭐ | 💀💀 | ✔️ |
| castle | Combines many bugs: uninitialized memory + stack overflow + heap overflow to defeat stack cookie eventually | ⭐⭐⭐⭐ | 💀💀💀 | |
| House-of-Cards | Old school pwnable, overwriting `ENV` | ⭐⭐⭐⭐ | 💀💀 | ✔️ |
| h4x0rs.club pt3 | Old school pwnable, Fake MySQL server, MySQL LOCAL INFILE | ⭐⭐⭐⭐⭐ | 💀💀💀 | ✔️ |

Final round SVATTT 2016 Introduction page
Twitter: @l4wio
…Spending my whole youth thinking up CTF challenges.
Updating…