The CTF landscape has changed a lot in the last year, with the introduction of OpenAI ChatGPT.
It assumed that the flag would be a simple message, but it corrected itself with a little hint.
/download?filename=$1
/download?filename=/proc/self/exe confirms the application is written in Python
/download?filename=/app/app.py or /download?filename=app.py to get the source code
SECRET_KEY, enough to fake an admin cookie
% thx @jix_ for sharing their fonts
% compiles out of the box on https://tectonic-typesetting.github.io/ but may work
% on other LaTeX distros
\documentclass[a4paper,12pt,headings=standardclasses]{scrartcl}
\usepackage{mathpazo}
\usepackage{fontspec}
\setmainfont{TeX Gyre Pagella}
\setkomafont{disposition}{}\RedeclareSectionCommands[font=\bfseries]{paragraph}
\usepackage{tikz,tkz-euclide}
Find the flag by joining the CTF's Discord server.
The description makes it sound easy. However, that is a red herring. After some
false starts, I solved it by using mitmproxy's scripting abilities.
First, create a separate Firefox profile by going to about:profiles and
#include <iostream>
#ifdef SELFTEST
#include <cstring>
#include <cassert>
#include <random>
#endif
using namespace std;
unsigned patterns[] = {
#!/usr/bin/env runhaskell
{-# LANGUAGE OverloadedStrings #-}
import Prelude hiding (replicate, putStrLn)
import Data.List hiding (replicate)
import Data.Tuple
import Data.Ord
import Data.Function
import Data.ByteString (replicate, ByteString)
import Data.ByteString.Char8 (putStrLn, pack)
import Control.Monad
import Data.Semigroup
data Permutation = Permutation [Int] deriving (Eq, Show)
permute :: Permutation -> [a] -> [a]
permute (Permutation p) xs = (xs !!) <$> p
instance Semigroup Permutation where
  a <> Permutation b = Permutation $ permute a b
  stimes = stimesMonoid
from pwn import *
from itertools import cycle
import string
import codecs
import traceback
MORSE = {
    '.-': 'A',
    '-...': 'B',
    '-.-.': 'C',
[oxfoo1m3][crackme] is a relatively simple crackme with elements of anti-debugging, anti-disassembly, and, as the author put it, anti-libbfd.
I created a new Vagrant virtual machine, and after a bit of fiddling with shared folders, ran the binary:
vagrant@debian9:/vagrant/oxfoo1m3$ ./oxfoo1m3
oxfoo1m3 started ;]
3nt4 p455w0rD:
ABCDABCDABCD