Write-ups


GPN14: Espionage – The Hard Way

This year, the GPN included a CTF organized by squareroots. This post is about the service Espionage including an alternative solution. The Service We had a telnet decryption service and a screenshot indicating we would have to deal with RSA. The screenshot also included an encrypted version of a flag.txt, […]


Parallelization of Exploitation

Crosspost from Rants, Ideas, Stuff. 90% of the time I write my (or other people’s) exploits in Python. I try to structure my code in small easy to read methods. Like every developer does 😉 Every exploit has at least one method which is called in a __name__ == ‘__main__’ block, so […]


iCTF 2013: uranus 2

Due to the code listings and some blah, this write-up is quite lengthy. Prepare some coffee first. 😎 Deobfuscation The uranus service from iCTF 2013 (code) is a node.js service written by @kapravel which has to be deobfuscated. Using jsbeautifier.org we get a better look on the code: var r3A8 […]