bi0s

Faulty LFSR - InCTF Internationals 2020

tl;dr

Find the co-relation between variables in the LFSR equation
1. d == out (75%)
2. a == b (75%)
3. c^d == out (75%)
4. (d!= out) => (c==1) always
Solve for the seed using 2000 output bits
Try out which among the four possible combinations decrypt the flag

InCTFi LFSR Correlation attack

BabyJS - 2020 Defenit CTF

Web Exploitation

tl;dr

Accessing a variable in Handlebars template using this object

Defenit Handlebars template injection Ssti

TarAnalyzer - 2020 Defenit CTF

Web Exploitation

tl;dr

Zip Slip Vulnerability + YAML Deserialization Attack + Race Condition
Unintended Solution: Upload symlink leading to arbitarary file reads

Defenit YAML Zip Slip Race Condition Symlink

USB 2 - 2020 Defenit CTF

Forensics / Registry

tl;dr

Digging into windows registry to find process run counts.
Extracting and parsing AmCache to find the hash of process images

Windows Registry Analysis Defenit

golf.so - PlaidCTF 2020

Misc / Linux / ELF

tl;dr

Hand-crafting a linux shared object file with a size of less than 194 bytes

Plaid

Strange PCAP - HackTM CTF Quals 2020

Forensics / Network

tl;dr

Disk Dump extraction.
USB leftover Capture data extraction.
Zip file cracking.

HackTM Wireshark

Think twice before speaking once - HackTM CTF Quals 2020

Pwn / Linux / ELF

tl;dr

Linux userspace exploitation by parsing ELF for symbol addresses with an arbitrary read

HackTM

Find My Pass - HackTM CTF Quals 2020

Forensics / Memory

tl;dr

Memory dump analysis using Volatility.
Extracting Keepass Master Password from the memory.
Extracting flag from ZIP archive attached in the Keepass database.

Windows Memory Analysis HackTM

RR - HackTM CTF Quals 2020

Forensics / Disk

tl;dr

RAID recovery
JPEG image extraction from lost disk

HackTM RAID Recovery

Falcon Badge

In this blog, we are going to share the experience of creating our first electronic badge.

Badge Life IoT Hardware Badge

15 / 19