ctfs / write-ups-2015 Goto Github PK

Add!

Writeup:
https://ucs.fbi.h-da.de/writeup-asis-ctf-quals-2015-saw-this-1/

The root README.md has a duplicate missing section. The task README.mds don't follow the original structure (Header with Description/Points etc, Description in Points, Files are referenced, Missing Write-up and Other write-ups and resources sections).

http://filedu.mp/2bb128905bd56d8c/write-up.txt

List of all challenge here : https://wargame.whitehat.vn/Challenges
*still can be access although the ctf was end
can someone make placeholder for this event ?
use https://github.com/ctfs/write-ups-tools

README.md:

Did you just publish a CTF write-up? [Let us know](https://github.com/ctfs/write-ups/issues/new)

The link
https://github.com/ctfs/write-ups/issues/new
redirects to
https://github.com/ctfs/write-ups-2014/issues/new

Just another write up for this challenge :)
http://blog.morganz.me/blog/2015/07/15/polictf-2015-pwnable150-johns-library-writeup/

basically the title

http://www.hasnydes.us/2015/05/schoolctf-unusual-redirection-300pts/
http://www.hasnydes.us/2015/05/schoolctf-stored-pass-100pts/
http://www.hasnydes.us/2015/05/schoolctf-shop-of-goodness-100pts/
http://www.hasnydes.us/2015/05/schoolctf-tacticus-abilitus-100pts/
http://www.hasnydes.us/2015/05/schoolctf-strange-spam-100pts/
http://www.hasnydes.us/2015/05/schoolctf-school-incident-150pts/
http://www.hasnydes.us/2015/05/schoolctf-tricky-authorization-200pts/
http://www.hasnydes.us/2015/05/schoolctf-not-weird-selfie-200pts/
http://www.hasnydes.us/2015/05/schoolctf-weird-selfie-100pts/
http://www.hasnydes.us/2015/05/schoolctf-hidden-file-200pts/

I'cant make pull request because have a repository conflict , thanks
@dhanvi @YASME-Tim

Hello Every one 😄

I have created a new Twitter account for our write-up so that it is easy to share external write-up's for every one

https://twitter.com/write_ups

feel free to share

http://www.0xebfe.net/blog/2015/01/24/ghost-in-the-shellcode-2015-pirates-treasure-500-write-up/

my little writeup in this challenge.
http://z1h4wk.tumblr.com/post/116828562808/ctf-plaidctf2015-forensic150
Hope it helps! =)))

hello ,
SECURINETS QUALS CTF 2015: CRACK1 WRITE-UP

https://rezk2ll.wordpress.com/2015/03/24/securinets-quals-ctf-2015-crack1-write-up/

Hey,

I think we (I volunteer) should build a website that would accompany this repository. Github is great, but it lacks a good UI to view writeups and any kind of writeup specific searches. I was thinking of using the Guthub API and making a website that pulls up all the content from the repo. We can maybe have it sync once a day.

Thoughts?

Hope @YASME-Tim you have them 👍

https://gist.github.com/libmaru/d46bd65bf6a7a1a94f5a

hello,
SECURINETS QUALS CTF 2015: BE GENIOUS WRITE-UP

https://rezk2ll.wordpress.com/2015/03/24/securinets-quals-ctf-2015-be-genious-write-up/

http://www.securifera.com/blog/2015/05/27/defcon-quals-2015-twentyfiveseventy/

@YASME-Tim and @mathiasbynens are you creating the place holders for this ctf or shall I push them ??

https://ctf.0ops.sjtu.cn/
https://ctftime.org/event/198

Some write-ups:

• https://hexpresso.wordpress.com/2015/03/30/0ctf-2015-treasure-50-writeup/
• https://hexpresso.wordpress.com/2015/03/30/0ctf-2015-forward-250-writeup/

@YASME-Tim do you have these problems

By Photubias / Team Howest CCCP

Introduction:
Answers for all the first round questions (7 questions) should be found in these files:
gcl_round1.7z (https://www.dropbox.com/s/vbt9wwadgtgolcx/gcl_round1.7z?dl=1, password Sup3rS3cr3tP@$$w0rd4Y0u)
Users.7z (https://www.dropbox.com/s/em6mv37vd107unz/Users.7z?dl=1)

Greetings HOWEST CCCP,

One of our operatives was on a mission and a Government Organization that wishes to remain un-named took him into custody. However, we have eyes and ears everywhere and deep within this organization we have an insider. The forensic group apparently took the laptop and a few other articles into possession and our insider is sending you a copy of the material.

Why would we send it to you? We are recruiting another team. We have to assume this one taken into custody is now compromised.

We need to know what the organization is going to find out about us and how we operate. A list of questions that are going to be asked has been provided to you as well. With that being said, we already know many of these answers, so we can tell you right away whether you are right or wrong. Those that measure up to the task will be invited to Round 2 of this recruiting effort.

~ warl0ck ~

Write-Up for the first level of the first round:

• IDK

• zfq...dszqup ujnf...eje zpv fyqfdu bozuijoh mftt? uif u0l3o zpv t33l gps uijt dibmmfohf jt: egJt!dszqu0
  ROT25:
  yep...crypto time...did you expect anything less? the t0k3n you s33k for this challenge is: dfIs!crypt0
  FLAG: dfIs!crypt0

• Guidelines:

• A message was intercepted from the operations team regarding the deployment of exploits. What was the significance of this
  Users.7z: Users\tang0\Documents\tang0_Live_Labs_Emails.pst
  recover PST password with Nirsoft PSTrecovery (NKv3fH) and open with Outlook
  Email "Guideline for Deployment of Exploits" from TeamOps on 2015-07-28 19:51 has this sentence at bottom:
  If you are looking for a -- t 0 k 3 n -- you found it here. Submit the following: 9696a6a68ac6b87
  FLAG: 9696a6a68ac6b87

• Impossible

• When we intercepted tang0 he was on a mission assigned by 'live labs' and we need to know what the name of that mission is
  Users.7z: Users\tang0\Documents\tang0_Live_Labs_Emails.pst
  recover PST password with Nirsoft PSTrecovery (NKv3fH) and open with Outlook
  Email "RE: Your Live Labs System" from DarkLord on 2015-08-01 8:22 has this sentence:
  n1tr0n is getting your system ready. Operation Mark83a is coming soon make sure you get you ...
  FLAG: Mark83a

• Find It

• PPID 1744 has a process listening on what port number?
  gcl_round1.7z: Is a memory dump
  Get info: python vol.py -f /root/gcl_round1.dd imageinfo
  "python vol.py -f /root/gcl_round1.dd --profile=Win7SP1x86 pslist" shows tor.exe with PID 1628 and PPID 1744 (firefox process)
  "python vol.py -f /root/gcl_round1.dd --profile=Win7SP1x86 netscan" shows tor.exe with PID 1628 listening on port 9151
  FLAG: 9151

• Easy

• What was the IP address of the system?
  gcl_round1.7z: same command as previous flag shows local IP
  "python vol.py -f /root/gcl_round1.dd --profile=Win7SP1x86 netscan" shows System listening on 192.168.1.5:138
  FLAG: 192.168.1.5

• Sleeping?

• tang0 left a ZZZ t0k3n on the system. Can you find it?
  gcl_round1.7z
  "python vol.py -f /root/gcl_round1.dd --profile=Win7SP1x86 clipboard" shows clipboard contents:
  th3 ZZZ t.0.k.3.n is: Aw3s0m3J0b!
  FLAG: Aw3s0m3J0b!

• nuf said

• There is an XXX t0k3n on the system for you to find (NOT that kind!)
  gcl_round1.7z: as seen with "python vol.py -f /root/gcl_round1.dd --profile=Win7SP1x86 pslist" there is a cmd.exe
  We can recover command history:
  "python vol.py -f /root/gcl_round1.dd --profile=Win7SP1x86 consoles"
  shows C:\Users\tang0>th3 XXX t 0 k 3 n y0u s 3 3 k is: cmd$cAn-n!C3
  FLAG: cmd$cAn-n!C3

Hi,

here are our writeups for ASIS Quals 2015
Secret Message: https://ucs.fbi.h-da.de/writeup-asis-ctf-quals-2015-secret-message/
Keka Bomb: https://ucs.fbi.h-da.de/writeup-asis-ctf-quals-2015-keka-bomb/

Another write up for this one :)

http://jackson.thuraisamy.me/polictf-2015-android.html

Scoreboard : http://school-ctf.org/#rating-ref

Hi, our team (vulnhub-ctf) has written up most of the flags we managed to grab. The links for the nullcon challenge writeups is https://ctf-team.vulnhub.com/write-ups/hackim/. Can you add those to this awesome repo?

Thanks!

We hosted hackcon 2015, on 14th - 15th August http://hackcon.in/. I'll add the questions in a while.

https://github.com/Superari/sCTF-2015

The following task have missing descriptions:

• exploit/smtpwn
• exploit/the-firmware
• mobile/insomnidroid-part2
• network/hollywood-network
• reversing/swordfish-passwd
• shellcode/blue-pill
• web/hack-like-its-1999
• web/hacker-idol
• web/jack-the-clicker
• web/serial-hackers
• web/smell-of-the-lamp
• web/smelly-lamp-got-makeup
• web/win

After checking the description I find out that some files have not been uploaded to Github. For example for reversing challenges there should be a bin file uploaded. It is intended to make this repository clean? After the CTF(the CTF website shutdown) there would be no place for the guys who want to try out the challenge to find the bin file...
Do you plan to solve this problem by setting up another repo or just leave it?

some of folder names are illegal on windows (specifically colon) and I can't commit some of files because of that. Can I change folder names for these ones and then commit?

Ghost in the Shellcode 2015 - Blocky's Revenge
https://medium.com/@shanewilton/ghost-in-the-shellcode-2015-blockys-revenge-7074a119115e

Writeup by tasteless
http://tasteless.eu/2015/04/plaidctf-2015-cryptoserv-reversing-250/

https://github.com/rentjongteam/write-ups-2015/tree/master/asis-2015
indonesian writeup

Can you add placeholders for Securinet CTF?

http://filedu.mp/2bb128905bd56d8c/exploit.c
http://filedu.mp/2bb128905bd56d8c/win.txt

Sorry, no detailed write-up, yet.

// Moki @ Gallopsled

http://filedu.mp/29828b3c14629f02/exploit-part1a.sh

As we are moving further into the year, no of commits are increasingly significantly in the repo. It is generally a good practice to squash commits from PRs into a single commit and then merge them. This will keep git history/logs clean.

http://programmers.stackexchange.com/questions/263164/why-squash-git-commits-for-pull-requests

Exodus hosted a CTF over the weekend. It's available here:

https://ctf.exodusintel.com/adventure/

In particular, you need the ELF binary and all assets on the linked web-page. That specific JSLinux implementation is necessary to complete one of the challenges. I'm not sure how you want to handle that, since it pulls things on-the-fly over the wire.

See https://github.com/ctfs/write-ups-2014/tree/master/ructf-2014-quals.
I propose to differentiate between tasks without ANY writeup and tasks without a local (this repo) writeup to remove confusion.

There is one more writeup for tera:)
http://blog.morganz.me/blog/2015/05/12/asis-ctf-quals-2015-re100-tera-writeup/

When a possible contributor sees the default repo view, based on the README.md, he doesn't see how to format contributions.

If we merge both files or append the content of CONTRIBUTING.md to README.md, it is viewable on first sight.

Any opinions on that?

hello,
SECURINETS QUALS CTF 2015: COOKIES WRITE-UP

https://rezk2ll.wordpress.com/2015/03/24/securinets-quals-ctf-2015-cookies-write-up/

This is just a notice - I already created and committed the skeleton and included all files needed. Will upload it as soon as CTF ends - please do not cause a merge conflict :)

https://www.bpak.org/blog/2015/03/bkpctf-2015-quincy-center-uspace-write-up/
https://www.bpak.org/blog/2015/03/bkpctf-2015-quincy-adams-kspace-write-up/
https://www.bpak.org/blog/2015/03/bkpctf-2015-braintree-tz-write-up/

from PPP.

I can't speak Indonesian and all task descriptions are in Indonesian (I think). Please don't just Google Translate it :).

another write up for wibbly wobbly timey wimey ~
http://blog.morganz.me/blog/2015/05/23/def-con-ctf-qualifier-2015-wibbly-wobbly-timey-wimey-writeup/

http://www.pwntester.com/blog/2015/03/30/0ctf-2015-mislead-web-300/

Thanks,
a