bi0s

Shisui - Fword CTF 2021

Yadhu Krishna M

2021-08-30

Web Exploitation

tl;dr

XSS using DOM Clobbering
<a id="showInfos"></a><a id="SETTINGS" name=check data-timezone="aaa" data-location="eval(window.name)"><a id="SETTINGS" name="x">
Bypass CSRF protection to execute XSS and read flag.

Encrypted Operations - InCTF Internationals 2021

Vishvesh

2021-08-20

Crypto

tl;dr

Multiplying the middle element of 3x3 matrix with 9 gets thesum of all elements.
Adding the least element of 5x4 matrix with the larget and multiplying this result by 10 gets the sum of all elements.
multiplying any row with 2000 and subtrating that number by 2 will get you the sum.
Remaing two rows can be filled with the result of subtracting 9 from each digit of a corresponding row .

InCTFi

The Big Score - InCTF Internationals 2021

d3liri0us

2021-08-20

Forensics / Memory

tl;dr

Create a Linux profile for Ubuntu 18.04 (5.4.0-42-generic) in Volatility
Use linux_bash plugin to get link to the repo and linux_find_file plugin to recover the filepath
Decode the keyboard stream data to retrieve the flag

InCTFi Memory Linux

Tabula Recta - InCTF Internationals 2021

ph03n1x

4l3x1

2021-08-20

Crypto / RC4 cipher / InCTFi

Official writeup of Crypto challenge “Tabula Recta” from InCTFi 2021

tl;dr

Retrive first few bytes of table through Matrix calculations, then find which special b-exact key is used.

Elliptic Curve RC4 Password Manager

Miz - InCTF Internationals 2021

AmunRha

Freakston

2021-08-19

Reversing / Linux

tl;dr

This is a fairly simple Maze challenge
Challenge is written in rust

InCTFi Linux Reversing Maze Rust

MultiStorage - InCTF Internationals 2021

3agl3

2021-08-18

Pwn

tl;dr

Race condition to change the type.
Leak using uninitialized memory and get rip with overflow.

Heap InCTFi Exploitation Kernel

Baby Glob - InCTF Internationals 2021

Cyb0rG

2021-08-17

Pwn

tl;dr

Heap Overflow in glob function while handling Tilde operator.
Abuse null byte overflow to gain RCE.

Heap InCTFi Exploitation CVE-2017-15804

Kqueue - InCTF Internationals 2021

Cyb0rG

2021-08-17

Pwn

tl;dr

Use the integer overflow to trigger a kernel heap overflow.
Use the heap overflow to overwrite tty structure function pointers to get code execution.

InCTFi Exploitation Linux Kernel Kernel Heap

Heist Ends - InCTF Internationals 2021

g4rud4

2021-08-16

Forensics / Android

tl;dr

Extract creation timestamp of a note from Google Keep Notes.
Finding location, date & time from Slack Messages.
Extract no. of tasks completed and created from Google Tasks.
Finding secret code from Google Docs cache.
Extract first opened timestamp of a Game.

InCTFi Android ALEAPP

Heist Continues - InCTF Internationals 2021

g4rud4

2021-08-16

Forensics / Windows

tl;dr

Extract User ID and Workspace ID of the Slack workspace participating.
Extract the first & last 3 characters of text from the Anydesk Remote connected PC’s thumbnail wallpaper.
Extract the type of filesystem of the USBs connected to the system.
Extracting active duration of Voice Modulator application used by parsing Windows Activity timeline.

InCTFi USB Slack Windows Activity timeline Anydesk