Category Archives: 2024

English [HeroCTF 2024] [Forensics 316 – LazySysAdmin #2] Write Up

Description

This challenge is of medium difficulty. You have identified a malicious script that was executed before the computer shut down. A copy of the disk was made, and your task is to investigate the disk to understand the “extent of the damage” caused by the script.

URL: Mega.nz Download Link

Fingerprint (SHA256): eb135b3db3efe64220753c2b6495cc30bd51a1fa0268d1b7074323c91e872492

Format: HERO{flag} Author: Mallon

Continue reading [HeroCTF 2024] [Forensics 316 – LazySysAdmin #2] Write Up

English [HeroCTF 2024] [Prog 864 – Antwarz PVE – Easy & Medium] Write Up

Description

These challenges are categorized as easy and medium difficulty. In these challenges, you will need to code your own bot to control an ant colony. In the first two challenges (Easy and Medium), you compete against pre-configured bots. If you succeed, you enter the PVP arena, where you will compete against other players.

Scoring ends 10 minutes before the CTF concludes, and the team with the most points will be awarded a flag worth 10 points. While this flag might not seem like much, it could be the deciding factor between second or first place! You can find more information about the game in the documentation section of the dedicated platform.

It’s worth noting that the goal of these challenges is not to exploit the platform, but to create the best possible bot. Any detected security vulnerabilities should be reported, as exploiting them to solve a challenge would invalidate the submission.

You can access the source code of the game engine through the first challenge of the series if you wish to set it up locally.

nc antwarz.heroctf.fr 8080

Format: Hero{flag} Author: Log_s

Continue reading [HeroCTF 2024] [Prog 864 – Antwarz PVE – Easy & Medium] Write Up

English [HeroCTF 2024] [Reverse Engineering 247 – AutoInfector 2/3] Write Up

Description

This challenge is of easy difficulty. With the sample in hand, it’s time for analysis! We are tasked with overcoming a geofencing restriction on the command and control (C2) server in order to access the malware’s second stage.

Question: How do you bypass the geofencing restriction?

Continue reading [HeroCTF 2024] [Reverse Engineering 247 – AutoInfector 2/3] Write Up