The Cyber Defenders Discovery Camp 2015 is an introductory computer security workshop slash competition targeted at students at the JC and IHL levels. This i...
The Dystopian Narwhals played in the HackIM 2016 CTF organised by Nullcon the last weekend and I must say, it was the most controversial ones I’ve ever exper...
A PHP service that allows uploading of small files (<= 7 bytes) with arbitrary filenames within a browsable path.
Exploit a tiny binary with an extremely customised memory mapping with an infoleak leading to libc disclosure and jump to magic shell address.
Abuse the stack smashing protector infoleak vulnerability to leak the flag.
Steal the password and TOTP token from an admin using cross-site scripting.
Remote code execution in a seccomp protected python service requiring manipulating python internals to retrieve the flag in memory.
Remote code execution with a code injection vulnerability in a Forth interpreter.