Skip to content

Instantly share code, notes, and snippets.

View meithecatte's full-sized avatar

Maja Kądziołka meithecatte

129 followers · 13 following
View GitHub Profile
@meithecatte
meithecatte / writeup.md
Created July 26, 2023 00:20
ECSC 2023 Quals writeup

ECSC 2023 Qualifier Write-up

Sanity Check

The CTF landscape has changed a lot in the last year, with the introduction of OpenAI ChatGPT.

It assumed that the flag would be a simple message, but it corrected itself with a little hint.

@meithecatte
meithecatte / writeup.md
Created July 21, 2022 14:28
ECSC 2022 Quals writeup

Kolska Leaks

  • LFI at /download?filename=$1
  • /download?filename=/proc/self/exe confirms the application is written in Python
  • with some luck, guess /download?filename=/app/app.py or /download?filename=app.py to get the source code
  • source code includes SECRET_KEY, enough to fake an admin cookie
    • best done by deploying the app locally and modifying the code to create an admin cookie by default
@meithecatte
meithecatte / template.tex
Created October 7, 2021 10:21
A basic LaTeX template because I'm changing it too much to make it a .cls file
% thx @jix_ for sharing their fonts
% compiles out of the box on https://tectonic-typesetting.github.io/ but may work
% on other LaTeX distros
\documentclass[a4paper,12pt,headings=standardclasses]{scrartcl}
\usepackage{mathpazo}
\usepackage{fontspec}
\setmainfont{TeX Gyre Pagella}
\setkomafont{disposition}{}\RedeclareSectionCommands[font=\bfseries]{paragraph}
\usepackage{tikz,tkz-euclide}
@meithecatte
meithecatte / README.md
Last active July 20, 2022 10:08
ECSC 2021 Quals writeups

Sanity Check (recon/zajebiste)

Find the flag by joining the CTF's Discord server.

The description makes it sound easy. However, that is a red herring. After some false starts, I solved it by using mitmproxy's scripting abilities.

mitmproxy setup

First, create a separate Firefox profile by going to about:profiles and

@meithecatte
meithecatte / pro.cpp
Created February 17, 2021 13:33
A solution for problem "Projekt planszy" from 28th Olimpiada Informatyczna
#include <iostream>
#ifdef SELFTEST
#include <cstring>
#include <cassert>
#include <random>
#endif
using namespace std;
unsigned patterns[] = {
@meithecatte
meithecatte / Main.hs
Last active December 20, 2020 18:23
·< - a Haskell reverse-engineering challenge on the 2020 hxpCTF
#!/usr/bin/env runhaskell
{-# LANGUAGE OverloadedStrings #-}
import Prelude hiding (replicate, putStrLn)
import Data.List hiding (replicate)
import Data.Tuple
import Data.Ord
import Data.Function
import Data.ByteString (replicate, ByteString)
import Data.ByteString.Char8 (putStrLn, pack)
import Control.Monad
@meithecatte
meithecatte / Even.hs
Created July 30, 2020 21:49
Checking if a number is even in Haskell
import Data.Semigroup
data Permutation = Permutation [Int] deriving (Eq, Show)
permute :: Permutation -> [a] -> [a]
permute (Permutation p) xs = (xs !!) <$> p
instance Semigroup Permutation where
a <> Permutation b = Permutation $ permute a b
stimes = stimesMonoid
@meithecatte
meithecatte / solve.py
Created November 25, 2018 23:45
Never Ending Crypto Redux solver - from a TUCTF 2018 challenge
from pwn import *
from itertools import cycle
import string
import codecs
import traceback
MORSE = {
'.-': 'A',
'-...': 'B',
'-.-.': 'C',
@meithecatte
meithecatte / oxfoo1m3.md
Created August 29, 2018 00:10
oxfoo1m3 crackme writeup

[oxfoo1m3][crackme] is a relatively simple crackme with elements of anti-debugging, anti-disassembly, and, as the author put it, anti-libbfd.

I created a new Vagrant virtual machine, and after a bit of fiddling with shared folders, ran the binary:

vagrant@debian9:/vagrant/oxfoo1m3$ ./oxfoo1m3
oxfoo1m3 started ;]
3nt4 p455w0rD:
ABCDABCDABCD