TISC 2021 - 1865 Text Adventure (Creator’s Writeup)
This challenge was created for The InfoSecurity Challenge (TISC) 2021 organised by the Centre for Strategic Infocomm Technologies (CSIT). It was the 9th leve...
Stickied Posts
NUS Greyhats at CDDC 2015 and (Almost) Epic Mass Exploitation
The Cyber Defenders Discovery Camp 2015 is an introductory computer security workshop slash competition targeted at students at the JC and IHL levels. This i...
Recent Posts
32C3CTF - Gurke (Misc 300)
Remote code execution in a seccomp protected python service requiring manipulating python internals to retrieve the flag in memory.
32C3CTF - Forth (Pwn 150)
Remote code execution with a code injection vulnerability in a Forth interpreter.
Hack.lu CTF 2015 - Creative Cheating (Crypto 150)
Analyse a given PCAP for some secret communication between Alice and Bob and determine which messages contain a valid signature.
HITCON 2015 Qualifiers - Piranha Gun (Stego)
Directory contents are hidden with a mount.
HITCON 2015 Qualifiers - Hard to Say (Misc)
Execute arbitrary non-alphanumeric ruby code with length limitations.
ASIS CTF Finals 2015 - Shop 1 (Pwn)
An off-by-one error allows an attacker to leak return codes from memcmp to determine the difference in the supplied byte and the compared byte to leak the fl...
ASIS CTF Finals 2015 - Myblog (Web)
Server-side request forgery in a PDF page printer service in PHP leading to disclosure of secrets in a server-side PHP source code.