The Cyber Defenders Discovery Camp 2015 is an introductory computer security workshop slash competition targeted at students at the JC and IHL levels. This i...
Execute arbitrary non-alphanumeric ruby code with length limitations.
An off-by-one error allows an attacker to leak return codes from memcmp to determine the difference in the supplied byte and the compared byte to leak the fl...
Server-side request forgery in a PDF page printer service in PHP leading to disclosure of secrets in a server-side PHP source code.
Type juggling in PHP’s weak comparison operator (==) allows an attacker to generate passwords to an administrator account and bypass the original MD5 hashing...
Use of the X-Forwarded-For header allows an attacker to fake country of origin to collect flags.
Use the Boneh-Durfee attack on low private exponents to recover the original two prime factors comprising the private key and decrypt an encrypted flag.
Recover the IV of an AES operation by utilising imperfect knowledge of the key and encrypted output.