SANS HolidayHack 2016 Full Writeup

Another year has past, which means the SANS HolidayHack is in full swing. This year, many new technologies were used, which were a blast to dig into. This writeup dives into each challenge and the methodology used to solve it. A summary of the story this year is below

»
Author's profile picture Cory Duplantis on pwn

CSAW Quals 2016 Pwn 500 - Mom's Spaghetti

Let’s take a look at the moms spaghetti from CSAW Quals 2016. This solution was a collaboration between @thebarbershopper, @jduck, and @WanderingGlitch. For those that want to play along at home, you can build your own server to throw against by the following:

»
Author's profile picture Cory Duplantis on pwn

Whitehat - pwn3 - readfile

Let’s take a look at the pwn3 challenge from WhiteHat 2016.

»
Author's profile picture Cory Duplantis on pwn

Internetwache RE60 Writeup: Symbolic Execution for the win

(This challenge was performed entirely in EpicTreasure. If you don’t want to setup the tools listed in this writeup, simply install EpicTreasure and you are off to the races. Also, mirrored from my Praetorian post)

»
Author's profile picture Cory Duplantis on re and angr

Pwning Gnomes: CounterHack HolidayHack 2015 Writeup

It is that time of year again! Time for the HolidayHack presented by CounterHack! This one is going to be fairly long, but boy are there a lot of cool challenges here. Everything from network forensics, web, image forensics, and even a pwnable.

»
Author's profile picture Cory Duplantis on CTF, pcap, pwn, and web

CMU Binary Bomb meets Symbolic Execution and Radare

Symbolic execution has been a topic I have been meaning to jump into for a few months. Today we will look at how to apply symbolic execution to the Carnegie Melon Binary Bomb lab.

»
Author's profile picture Cory Duplantis on ctf, python, symbolic, execution, reverse, and radare

Voice Robot plays Keep Talking and Nobody Explodes

Here is the video of my voice activated robot Bombly dominating Hardcore in the game Keep Talking and Nobody Explodes.

»
Author's profile picture Cory Duplantis on python, voice, and robot

HITCON - PhishingMe

Sent me a .doc, I will open it if your subject is "HITCON 2015"!
Find the flag under my file system. 
p.s. I've enabled Macro for you. ^_________________^
phishing.me.hitcon.2015@gmail.com.
»
Author's profile picture Cory Duplantis on ctf and phishing

Vulnhub - Brainpan3

Brainpan3 is a typical boot2root VM that we boot and attempt to gain root access. This one is a bit long, but I hope it is entertaining and informative. Strap in!

»
Author's profile picture Cory Duplantis on boot2root and Pwnable

MMACTF 2015 - Moneygame

We are presented with a stock market game. We have to time the market just right in order to get 10x our initial cash pile. Psh.. easy peasy

»
Author's profile picture Cory Duplantis on CTF and Pwnable

SaintCon 2015 PreCTF - 4

``` – CIPHERTEXT – AEBRVHWWMQHURVWFFIKVYFUCDG To Decrypt this Message, you will need to learn how a US President encrypted messages while in Paris France.

»
Author's profile picture Cory Duplantis on CTF and Programming

HouSecCon 2015 August Pre-CTF

```

  • thebarbershopper has joined the channel
»
Author's profile picture Cory Duplantis on CTF and Web

CampCTF 2015 - Bitterman

Upon connecting, we are given a prompt which asks for the following items:

»
Author's profile picture Cory Duplantis on CTF and Pwnable

Defcon OpenCTF 2015 - Sigil

Below is the main funciton of Sigil:

»
Author's profile picture Cory Duplantis on CTF and Pwnable

Defcon OpenCTF 2015 - Runic

Below is the main function for Runic:

»
Author's profile picture Cory Duplantis on CTF and Pwnable