[3DS CTF] [MISC 400 – WAT] Write up

Description

[EN]
Scavenging an old 318br repo, we found a program missing some line of code. Even without this line, we would like to know the result of
its execution.
Specific instruction: Put the flag on the format 3DS{} and submit.

[PT]
Vasculhando um repositorio antigo do 318br, nos encontramos um programa faltando uma parte. Mesmo faltando uma parte, nos gostariamos que voce nos dissesse o resultado de sua execucao.
Instrucao especifica: Colocar o resultado no formato 3DS{} e submeter.

Solved by 19 Teams

Continue reading [3DS CTF] [MISC 400 – WAT] Write up

[3DS CTF] [Web 200 – MapOs] Write up

Description

[PT-BR]
Ouvi no elevador uma conversa do pessoal da empresa ao lado da MapOs e descobri que o sistema principal deles esta passando por uma reformulacao devido a 2 falhas. Uma delas de autenticacao, mas sobre a outra, so sei que pode levar um hacker a ganhar acesso ao servidor principal deles.
Como bom hue_br que voce e , de uma olhada l. Tem um arquivo no servidor deles com a flag.
Vou ser bonzinho: comece pelo admin@admin.com
– Container desse chall sao reiniciados a cada 3h. Em outras palavras, incluia isso no seu calculo para resolver o chall antes do reboot.
[EN]
I just overheard a conversation from the company next door to MapOs and found out that their main system is being updated due to 2 bugs. One of them is related to authentication, but I don’t know nothing about the other one besides the fact that it could lead an attacker to gain access to their main server.
Being such a good hacker as you are, take a look over there. There’s a file in their server with the flag.
PROTIP: begin with admin@admin.com
– Container for this chall is restarted every 3h. In other words, your entire effort should be done in less than 3h from last restart.

Solved by 10 teams

Continue reading [3DS CTF] [Web 200 – MapOs] Write up

[3DS CTF] [Exploit 300 – Please, no.] Write up

Description

[EN]
This time the programmer did a better job to hid his flag. But the problem still: It’s vulnerable. Can you obtain the flag?
Send to 209.190.1.131 9003
NOW WITH SECRET BONUS!

[PT-BR]
Dessa vez o programador caprichou um pouco mais na hora de esconder sua flag. O problema que continua vulneravel. Consegue extrair a flag?
Envie para 209.190.1.131 9003
AGORA COM BONUS SECRETO!

Solved by 32 teams
Bonus solved by 5 teams

binary

Continue reading [3DS CTF] [Exploit 300 – Please, no.] Write up