Stickied Posts

Recent Posts

HackIM 2016 Case Study

7 minute read

The Dystopian Narwhals played in the HackIM 2016 CTF organised by Nullcon the last weekend and I must say, it was the most controversial ones I’ve ever exper...

32C3CTF - TinyHosting (Web 250)

3 minute read

A PHP service that allows uploading of small files (<= 7 bytes) with arbitrary filenames within a browsable path.

32C3CTF - Teufel (Pwn 200)

6 minute read

Exploit a tiny binary with an extremely customised memory mapping with an infoleak leading to libc disclosure and jump to magic shell address.

32C3CTF - Gurke (Misc 300)

1 minute read

Remote code execution in a seccomp protected python service requiring manipulating python internals to retrieve the flag in memory.