CTFするぞ

CTF以外のことも書くよ

CTF

TSG CTF 2021のWriteup

難易度詐欺師集団として国際指名手配されているあのTSGが今年も捜査の手を逃れてCTFを開催しました。 私は基本的にpwnだけ見ましたが、今年は去年ほどの難易度詐欺はpwnにはなく、正直な難易度が書かれていたと思います。 反省の色が現れており、情状酌量の…

CakeCTF 2021 開催記兼writeup

はじめに いままでInterKosenCTFとしていたのが、チームinsecureからの高専生消滅*1により名前がCakeCTFに変わりました。 内容はあんまり変わっていませんが、今年は明示的に「中級者向け」としたつもりです。 が、なぜか初心者向けCTFとして認知されてしま…

From JavaScript to Kernel - Google CTF 2021 Quals "Full Chain" Writeup

I played Google CTF 2021 Quals in zer0pts and I worked on several tasks. In the 6 pwnable challenges I solved during the CTF I liked "Full Chain" the most. This challenge consists of 3 parts: browser exploitation, sandbox escape, and privi…

0CTF/TCTF Quals 2021 Writeups

What is heap? I don't know. Anyways I guess we're qualified to the Finals. I want to play it if I can play it onsite. Please open the border as soon as possible, Suga-san [pwn 154pts] ListBook (61 solves) [pwn 200pts] uc_masteeer (45 solve…

Pwn2Win CTF 2021 Writeup

I played Pwn2Win CTF 2021 in uuunderflow and got the 2nd place. Unfortunately(?) we couldn't get the 1st place thanks to the flag hoarding but the CTF itself was a lot of fun! I couldn't play it full time but worked on some pwn challenges …

freeless - Beginner's CTF Online 2021

はじめに Beginner's CTF Online 2021に1問だけ出した問題のwriteupを書きます。 今年はSECCON Beginnersには新しいメンバーが入り、pwnを作ってくれる人も入ったのでHard問だけ担当しました。 SECCON Beginner'sのHard問は2年前がなんかtcacheいじるやつ(…

TSG LIVE! 6 CTFのWriteup

有名サークルであるTSG*1が先日開催したTSG LIVE! 6 CTFにゲストチームとして参加しました。 ゲストチームにはzer0ptsから私含めて3人と、暗号系VTuber*2のkurenaifさんと合同で出陣しました。 Pwn担当として参加しましたが、結果として力不足によりpwnを1問…

Information Leak via Compromised Sandboxed Browser

This article covers the exploit part. Check this one written by s1r1us for the web and chromium-security part. I solved some pwnable tasks from PlaidCTF 2021. There was a challenge named "Carmen Sandiego Season 2", which was a series of tw…

ångstromCTF 2021 Writeups

This week I played ångstromCTF 2021 in zer0pts and we stood the 3rd place. I solved all of the pwn tasks + some rev tasks*1 + bug-finding part of thunderbolt (crypto). As there're many number of challenges, I'm only going to write about th…

LINE CTF 2021 Writeups

I'm tired since I played 2 CTFs successively without sleep. So, I only leave very simple writeups. Other members' writeups: st98.github.io Although there were lots of pwn tasks, I only solved 2 tasks.*1 (Spending most time on sqlite pwn, I…

Securinets CTF Quals 2021 Writeups

I solved all of the pwn tasks, one forensics, steganography, and rev task with other members. Although I felt the stego and forensics tasks somewhat guessy, I enjoyed the CTF overall. Solving those pwn tasks after the heavy LINE CTF was a …

zer0pts CTF 2021 開催記

はじめに 2回目のzer0pts CTF 2021を開催しました。 今年も去年に引き続き、中級者向け〜上級者向け難易度を目標にしました。 正直去年は全完チームが4チームいて簡単だった説が出ていたので、去年より少しwarmup以外の難易度を引き上げたと思います。 なの…

DiceCTF 2021 Writeup

I played DiceCTF 2021 in zer0pts and we got the 2nd place :dice: I couldn't play it full-time because of my school stuff :sob: but I solved some challenges. [pwn 116pts] babyrop (163 solves) [pwn 149pts] flippidy (62 solves) [pwn 415pts] s…

justCTF [*] 2020 Writeups

justCTF [*] 2020*1 had been held by @justCatTheFish from Jan 30th for 37 hours. I played it in zer0pts and we got the 5th place. I'd been busy writing my bachelor thesis and I couldn't play some CTFs for some weeks. I felt it'd been a long…

Harekaze mini CTF 2020のWriteup

24時間のHarekaze mini CTF*1 2020が開催されました。 zer0ptsとして参加しましたが、作問陣にいたり忙しかったりで参加できないメンバーが多かったのでチーム名を「yoshiking*2と愉快な仲間たち」にすれば良かったと後悔しています。 難易度は比較的易しめ…

HackTM CTF Finals 2020 Writeup

Last weekend I played HackTM CTF Finals 2020, the Finals event of HackTM CTF Quals 2020, in zer0pts and we won the CTF I mostly worked on pwn, forensics and few reversing tasks. Especially the pwn tasks were well-designed and I reaperhaops…

オレオレFuzzerもどきを利用してCTFのpwnableを解こう

はじめに Fuzzingの概念 なぜ自分でFuzzerを書くのか 実際に問題を解く dual - ユーザーランドプログラムのFuzzing Step 1. Fuzzerの方針を立てる Step 2. テストケースを最適化する Step 3. 問題を解く spark - カーネルドライバのFuzzing Step 1. Fuzzerの…

pbctf 2020 Writeup

pbctf 2020 had been held from December 5th 00:00 UTC for 48 hours. I played it in zer0pts and we won the CTF I mainly worked on the pwn tasks. Every pwn task was very hard (except for Amazing ROP) and there were something to learn. I reall…

Layer7 CTF 2020 Writeup

Layer7 CTF had been helf on 14th November. It was a 15-hour individual competition. I played it as retsuko and reached 2nd place. Same as last year, the challenges were well-designed and I enjoyed them! And same as last year, I couldn't so…

BingoCTF 2020 Writeup

BingoCTF took place from 12th Nov, 09:00 KST for 24 hours. This CTF is a new-style competition for individuals. The score is calculated based on the number of bingo you made and the time you used to make bingo. We have 5 hours to solve the…

SECCON 2020 Online CTF Writeup

I wrote some challenges for this year's SECCON CTF. SECCON was famous for providing some crappy challenges but they eliminated those crappy-challenge authors this year XD Congratulations to HangulSarang, perfect blue, and MSLC! Thank you f…

TokyoWesterns CTF 2020 Writeups

I played TokyoWesterns CTF 2020 in team D0G$ (Defenit x zer0pts x GoN x $wag) and we reached 1st place It was an amazing dream collabolation I mainly worked on the pwn tasks and I'm going to write about some of them. The tasks and solver…

TSG LIVE! CTF 5のwriteup

競技時間が1時間ちょっとの割にクオリティの高い問題を毎年提供していると噂のTSG LIVE! CTFにyoshikingdomで参加しました。 みなさん気づいていなかったと思いますが、実はyoshikingというユーザーは私でした。 なんかサブマリンしてたみたいになっています…

CSAW CTF Quals 2020 Writeups

I was looking forward to playing CSAW CTF Quals 2020 since it was right level for me last year. We played this year's CSAW CTF in zer0pts and reached 11th place. I mainly worked on pwn and rev, and the pwn challenges were good. (I don't li…

PoseidonCTF 1st Edition Writeup

PoseidonCTF 1st Edition had been held from August 8th, 17:00 to 9th, 17:00 UTC. I played it in zer0pts and reached 3rd place. Pwn tasks are well-designed but I couldn't solve/check all of them because I had to check forensics and reversing…

WMCTF 2020 Writeup

I played WMCTF 2020 in DefenitelyZer0 (Defenit x zer0pts) and reached 8th place! WMCTF had been held from August 1st for 48 hours on XCTF platform. (I call it Chinese Mystery Platform.) The challenges I solved were really fun and I learned…

3kCTF-2020 Writeup

We zer0pts played 3kCTF-2020 which was held from 24 July 2020, 17:00 UTC for 20 hours. There are 5 categories (rev, web, pwn, crypto, misc) and the number of the tasks were well-balanced. I mainly worked on pwn tasks and I felt they were w…

UIUCTF 2020 Writeup

I played UIUCTF 2020, which had been held from July 18th 00:00 UTC for about 48 hours, in zer0pts and we reached 5th place. The overall difficulty was hard but many challenges I solved were fun as well. I mainly worked on pwn and kernel ta…

TSG CTF 2020 Writeup

TSG CTF 2020 had been held from July 11th 07:00 UTC for 24 hours. I played it in DefenitelyZer0, a collabolation team of Defenit and zer0pts, and reached 2nd place. I was one of the pwn members and we solved all the pwn tasks. I got 5 out …

ASIS CTF 2020 Quals - Pwn Writeup

I wrote the 6 pwn tasks of ASIS CTF 2020 Quals. Here is the brief overview of them. Challenge Vulnerability Estimated Difficulty Full Protection stack overflow, fsb warmup babynote integer overflow (to get out-of-bound address write) easy …