Hey, I am SpyD3r(TarunkantG) and In this blog I will be discussing all the 5 web challenges that I made for InCTFi 2019 and a lot of SQLi and bypassing disable_functions tricks.

tl;dr

• EV3 Robot pklg analysis
• .RSF file recovery

Writeup from InCTFi 2019 bartender

tl;dr Windows 32-bit SEH exploitation

tl;dr

• double fput() leading to uaf

Write-Up for the “…—…” challenge from InCTF Internationals 2019

tl;dr

1. Alert signals encoded in morse transfered to the Mi-Band
2. Traverse through the packets and find the appropriate BLE handles of the encoded message
3. Decode the morse encoded message

tl;dr 2 element overflow in Array when jit compiled

tl;dr

• Decoding the strings found in TCP stream 0.
• Analysing and extracting data sent via different ports of TCP.
• Using character-wise caesar from the extracted data.
• Zip cracking

Intended solution of PRetty stroNG challenge from InCTF Internationals 2019

tl;dr

• Recover sample outputs from PRNG
• reverse wrapper function
• find seed from outputs
• get the flag

Intended solution of Wannavmbe challenge from InCTF Internationals 2019

tl;dr

• Challenge is a VM.
• Reverse Instruction types and implementation.
• Understand that it has a fucntion which takes the base64 of CWD (Current working directory).
• Find the corrcect directory where it needs to be placed.

Intended solution of waRSAw challenge from InCTF Internationals 2019

tl;dr variant of LSB Oracle Attack on unpadded RSA