We also attended the last iCTF and Plaid CTF. For the iCTF we met as usual at Cased and hacked a lot until we got hungry. To regain our hacking capabilities we ordered some Pizza and hacked even more! We had some cool hacks and made it in the into […]
This year, the GPN included a CTF organized by squareroots. This post is about the service Espionage including an alternative solution. The Service We had a telnet decryption service and a screenshot indicating we would have to deal with RSA. The screenshot also included an encrypted version of a flag.txt, […]
Python scripts are often used to generate payloads for attacks, e.g. buffer overflows. Also, it is useful to send the payload to stdout, so that it can be redirected to the target process or, for different kinds of attacks, saved to a file. However, since Python 3 all strings (type […]
Crosspost from Rants, Ideas, Stuff. 90% of the time I write my (or other people’s) exploits in Python. I try to structure my code in small easy to read methods. Like every developer does 😉 Every exploit has at least one method which is called in a __name__ == ‘__main__’ block, so […]
Due to the code listings and some blah, this write-up is quite lengthy. Prepare some coffee first. 😎 Deobfuscation The uranus service from iCTF 2013 (code) is a node.js service written by @kapravel which has to be deobfuscated. Using jsbeautifier.org we get a better look on the code: For more […]
We will take part at this year’s Hack.LU CTF held again by the guys from FluxFingers. The CTF is challenge-based, requires no VPN, and there are also some nice prices to win! Hope to see you online at October 23–25!
Welcome to wizardsofdos.de. Prepare to be flooded with information (soon)!