$1.000 SSRF in Slack

Feb 17, 2019 - by Elber "F0lds" Tavares

Before I start, I have two important tips for anyone starting in the world of BugBounty. 1: Always check previous reports, you may know some bypass that may work in that situation, or you can learn something new. 2: If...

Proof of Concept

EvlzCTF 2019 - Don't Cry

Feb 3, 2019 - by shrimpgo

“Don’t Cry” (400) Description: How deep can you go?(0>0) While submitting put the flag in evlz{} Author: Achilles It’s just a JPEG file called crying.jpg. I tried common tools like stegsolve.jar, exiftool and binwalk but they didn’t find anything relevant....

Capture the Flag , Writeup

Pwn2Win 2018 - GCM

Dec 6, 2018 - by Rafael "rasknikov" Correia

These were the steps to resolve Pwn2Win 2018’s GCM challenge, a challenge about a critical vulnerability in Python’s cryptography package. Description There is only one method of performing bank transactions that can not be monitored by The Bavarian. It’s not...

Capture the Flag , Writeup

Pwn2Win 2018 - Attack Step [First Flag]

Dec 3, 2018 - by Rafael "rasknikov" Correia

These were the steps to solve the First Flag of Attack Step. We solved this with little time left so we couldn’t try to solve the Second Part. Description We have gotten information that The Bavarian have their own authentication...

Capture the Flag , Writeup

ASIS CTF Finals 2018 - Gunshop and Gunshop II

Nov 26, 2018 - by Rafael "rasknikov" Correia

One Frida script for two Flags ASIS 2018 Gunshop and Gunshop II challenges were about an Android app. And I love reversing Android apps. Here is the Write-up for the two challenges, as the same script will resolve both. Gunshop...

Capture the Flag , Writeup

RITSEC CTF 2018 - PCAP Me If You Can

Nov 19, 2018 - by Kauê Doretto

PCAP Me If You Can (forensics 300) The hackers have written their own protocol for their MALL-ware. Can you figure out what they’re saying? Hint 1: custom protocols are hard Hint 2: Don’t worry, I won’t make you decrypt anything...

Capture the Flag , Writeup

HACKAFLAG 2018 - Etapa São Paulo - Siga a api [PT-BR]

Sep 18, 2018 - by shrimpgo

“Siga a api” (500) Descrição: Essa misc é um net enrustido, siga o dump até o usário. #sejabonzinho não owne o full stack ;) Autor: @boot Anexo: rappi.pcapng — O pcap mostra diversos acessos em HTTPS, mas há alguns acessos...

Capture the Flag , Writeup

NoxCTF 2018 - Marcode

Sep 17, 2018 - by shrimpgo

“Marcode” (1000) Description: Marcode (Mr. Code in Hebrew), Ineed your help! I got a movie but I cant see it. It hypnotizes me. please help me! yours, Gveretcode (Mrs. Code in Hebrew) P.S. change NOXCTF to noxCTF. Download — This...

Capture the Flag , Writeup

HackIT CTF 2018 - PyCry Writeup

Sep 10, 2018 - by Marzano

This challenge was a teamwork challenge. First, @diofeher discovered that we could run python on the server by sending code to the second input. He found this: << print locals() << {'funcwtf': <function funcwtf at 0x7f22e83de758>, 'string': <module 'string' from...

Capture the Flag , Writeup

Tokyo Westerns CTF - Revolutional Secure Angou Writeup

Sep 3, 2018 - by Marzano

In this challenge we are given an encrypted file, flag.encrypted, a public key publickey.pem, and a prime generator generator.rb. flag.encrypted T+03cnnbLkix6F+jVy2/XS+ianzRCTeihrOjT8ZsE+PQvK8KnTPOMEIC6aTphvsSv4bXYQUGZJpT bXETFWOH+qylzlYMPNITfegH13yl3DD9b6Pdx5SQi+IwG6m7hgT2wD60hH/15yPYHkJzG7ctjCZG 0qniAyZCqlEoqc1cakvXWw4+IyL7esY93AnJytJXPPKx4a95dOrY1wC4JrvHsxbouiQOu9KmXhP6 po8YzsBdNUY9qbUJw5uOUJDZGxMWP8PZnsM981AegYn807cfwfoasHXLKfZqZNrKtRm3opwBcTBr 7b5YQXYTa1duRyepgFTGjkKF+h8OmAuZV+25pA== generator.rb require 'openssl' e = 65537 while true p = OpenSSL::BN.generate_prime(1024, false) q = OpenSSL::BN.new(e).mod_inverse(p)...

Capture the Flag , Writeup