We are a group of students, computer security enthusiasts and CTF players mostly from the Karlsruhe Institute of Technology. If you are interested in hacking with us, write us at team@kitctf.de or come to our weekly meetings. We meet every Thursday at 7 pm in the computer science building (50.34), room -120 (sometimes in room -118).
Posts
-
Jun 1, 2024
GPNCTF: Trapdoor author writeup
For the GPNCTF I wrote a crypto challenge. It was called Trapdoor and at least I thought about using advanced mathematics to solve it.
-
Apr 11, 2024
Intro Talks 2024
Starting on the 25th of April, we will be holding introductory talks for the main categories of Capture the Flag. We meet on Thursdays at 7pm in the CS building 50.34, room -101. Please bring a laptop if possible.
- Mar 29, 2024 KalmarCTF 2024: Symmetry writeup
- Mar 29, 2024 Google Capture The Flag 2023: oldschool and UBF writeup
- Mar 3, 2024 BraekerCTF 2024 – Injecting Commands – Writeup
-
Dec 20, 2023
Talk: Frida Game Hacking
CTF challenges are usually well-behaved programs. But what do you do in more complex cases such as games, messenger applications (e.g. e2e encryption) or mobile applications (e.g. certificate pinning)? Frida to the rescue!
-
Nov 2, 2023
Talk: Insecure GitHub Actions
You know GitHub Actions, these small building blocks that make your dev life easier… But they can also get you pwned in no time, if you are not careful.
- Oct 31, 2023 CSR23 simple-asm
- Oct 31, 2023 CyberSecurityRumble Quals & Finals 2023: Exterminate & PCaS
- Oct 31, 2023 Cyber Security Rumble Finals CTF 2023 – elkcip – Writeup
-
Oct 19, 2023
Intro Talks WS 2023/2024
Starting on the 2nd of November, we will be holding introductory talks for the main categories of Capture the Flag. We meet on Thursdays at 7pm in the CS building 50.34 room -120.
-
Sep 21, 2023
Talk: Nix and NixOS
Slides, in German, for the talk What is Nix and NixOS. The talk was held on August 24, 2023.
-
Jul 27, 2023
Talk: Introduction to V8 JIT Compilation
Deep dive in how the Chrome browser executes JavaScript and how this can break.
-
Jul 7, 2023
Python Jail Escapes
At our weekly meetings we had a talk about Python jail escapes, aka. getting around restrictions that make it hard to execute
os.system('cat flag.txt')
. In the talk we went through challenges, that we present here as exercises to practice. Starting very simple and then digging more and more into python internals. -
Jun 22, 2023
Talk: Introduction to SpiderMonkey exploitation
How is javascript actually executed in firefox from the interpreter to the optimizing JIT compiler? This and other questions related to spidermonkey exploitation are answered in a walkthrough of the GPNCTF 2023 challenge icefox.
-
May 19, 2023
Talk: Linux Namespaces
What are linux namespaces and how can we e.g. build docker using it?
-
Apr 19, 2023
Intro Talks 2023
Starting on the 27th of April, we will be holding introductory talks for the main categories of Capture the Flag. We meet on Thursdays at 7pm in the CS building 50.34 room -120 (sometimes we may meet in room -118).
-
Apr 13, 2023
Talk: Advanced Ghidra
We tame the dragon and get it to teamwork. This talk is about advanced Ghidra usage, specifically:
- Apr 11, 2023 hxp CTF 2022 tex_based_adventure: Post-CTF writeup
-
Apr 10, 2023
Talk: Elliptic Curves 2
Continuation of Elliptic Curves 1 by Benedikt. Here are the Slides. As always CryptoHack is a great place to practice.
-
Apr 4, 2023
Talk: CodeQL Workshop
Finding vulnerabilities at scale by doing static analysis with CodeQL. intrigus’ workshop tells you how!
-
Feb 24, 2023
Talk: Lattice-based Cryptography
Continuing our theme of learning about foundations of modern crypto algorithms, Robert introduced us to lattices. Specifically we covered:
-
Feb 23, 2023
Talk: Elliptic Curves
We look at curves that look like fish and do some maths to break some crypto. Benedikt shows us how.
-
Feb 23, 2023
Talk: C++ Reversing
What weird things can happen when reversing C++ binaries and how not die from them? Slides of Liam’s talk from 2023-01-26.
-
Feb 21, 2023
Talk: Intro to Smart Contract Exploitation
More and more CTFs include web3 challenges. On 2023-02-09 @mawalu talks about web3, common vulnerabilities in smart contracts, and touch on what you need to run a web3 challenge. We’ll do (ethereum) challenges afterwards!
-
Feb 21, 2023
Intro Talks 2022
Archive of 2022 introductory talks. Even if you missed the talks, you can always attend our weekly in-person meetings: Thursdays 7pm, 50.34 room -120 (sometimes we may be in room -118).
- Feb 10, 2023 KITCTFCTF 2022 Slots Writeup
- Feb 10, 2023 DiceCTF 2023: parallelism and not-baby-parallelism writeup
-
Jan 16, 2023
Real World CTF 2023: ChatUWU Writeup
Real World CTF 2023 is a jeopardy-style capture-the-flag event, known for its realistic challenges. We participated as part of the Sauercloud CTF team.
-
Jan 8, 2023
Real World CTF 2023: Happy-Card Writeup
Real World CTF 2023 was a jeopardy-style capture-the-flag event. We participated as part of the Sauercloud CTF-team.
- Dec 25, 2022 KITCTFCTF 2022 V8 Heap Sandbox Escape
-
Jul 21, 2022
Google CTF 2022 Js Safe 4.0
Google CTF 2022 was my first jeopardy CTF with KITCTF. This is my write-up for the challenge Js Safe 4.0.
-
Jul 21, 2022
How to learn (non-exhaustive list)
Useful resources for learning hacking with CTFs.
-
Jul 21, 2022
Google CTF 2022 APPNOTE.txt
Google CTF 2022 was my first jeopardy CTF with KITCTF. This is my write-up for the challenge APPNOTE.txt.
- Apr 25, 2022 b01lers CTF 2022: resnet Model Inversion
-
Feb 17, 2022
Defcamp 2022 Writeups
Here are a few writeups from the tasks we solved at DefCamp Capture the Flag 2022.
- Jan 31, 2022 Insomnihack Teaser 2022: Herald
- Dec 19, 2021 hxp CTF 2021: Shitty Blog
- Nov 30, 2021 Cyber Security Rumble 2021: UnknownOrigin
- Nov 30, 2021 Cyber Security Rumble 2021: Unaffordable
- Nov 30, 2021 Cyber Security Rumble 2021: FollowTheLeader
- Nov 30, 2021 Cyber Security Rumble 2021: CSRunner
- Nov 17, 2021 hack.lu CTF 2021: Touchy Logger
- Nov 17, 2021 hack.lu CTF 2021: PYCOIN
- Nov 16, 2021 ASIS CTF 2021: Madras
- Nov 16, 2021 ASIS CTF 2021: Gesture
- Nov 16, 2021 ASIS CTF 2021: Factory
- Nov 16, 2021 ASIS CTF 2021: Crypto Warm up
-
Jun 28, 2020
CSCG 2020: Xmas Shopping Site
Like a few other members of KITCTF I participated in the 2020 Cyber Security Challenge Germany Qualification. This is a writeup for “Xmas Shopping Site”, one of the three web challenges that were part of the CTF.
-
May 16, 2019
Einführungsvorträge im Sommersemester '19
Auch im Sommersemester 19 wird es Einführungsvorträge zu relevanten Themenbereichen geben.
-
Nov 13, 2018
Folien der Vorträge im Wintersemester '18/19
Auch im Wintersemester 18/19 gab es wieder Einführungsvorträge zu relevanten Themenbereichen.
-
Oct 15, 2018
Folien der Vorträge im Sommersemester '18
Binary Exploitation (07. Mai)
Hier sind die Folien des Einführungsvortrags zum Thema Binary Exploitation am 07.05.2018.
-
Apr 23, 2018
Folien vom Einführungsvortrag im Sommersemester '18
Hier sind die Vortragsfolien vom heutigen Einführungsvortrag. Die Beispielaufgaben sind noch eine Weile verfügbar.
-
Aug 26, 2017
HITB GSEC 2017: babyqemu
This is a short writeup explaining how I solved the “babyqemu” challenge of HITB GSEC 2017. I greatly enjoyed solving the challenge since I had never before written any kind of hypervisor escape.
-
Jul 10, 2017
Polictf 2017 - pyzzeria
This is a writeup for a fun web(+pwn) challenge called ‘pyzzeria’ from this year’s Polictf.
-
Jun 19, 2017
Google CTF Quals 2017 - The X Sanitizer
We participated as Eat Sleep Pwn Repeat in the qualifications for Google CTF last weekend. As expected, the CTF contained some great challenges, one of them being The X Sanitizer, a medium web challenge.
-
May 1, 2017
DEF CON CTF Quals 2017: insanity insanity insanity insanity insanity insanity insanity insanity insane
DEF CON Quals were this weekend, and as always, they delivered some of the hardest pwning challenges we’ve seen this year. insanity was not even one of them, but we still spent several hours solving it, and had tons of fun. The concept is a classic: The program implements a custom VM with weird operations, and you have to reverse and exploit it…
-
Jan 6, 2017
33C3CTF: Challenge Code and Demo Exploits
33C3CTF was organised by the CTF Teams Stratum0, CCCAC and KITCTF. This post is just a short collection of some challenges we made for 33C3CTF, and maybe some more links related to 33C3CTF.
-
Sep 5, 2016
Tokyo Westerns/MMA CTF: Hastur Writeup
hastur was a web/pwnable/forensics, but really actually pwnable challenge in Tokyo Westerns/MMA CTF 2016. It had three stages with three different flags, with a combined point value of 850.
-
May 31, 2016
HITB CTF 2016: 'Special Delivery' writeup
Just a small writeup for “Special Delivery” (network 300) from HITB CTF 2016.
-
Apr 28, 2016
CONFidence 2016 Teaser 'spkac' writeup
This is a writeup for the “spkac” challenge from the CONFidence 2016 Teaser CTF. It was a cryptography challenge worth 200 points.
-
Jan 3, 2016
32C3 CTF: Ranger writeup
ranger was a pwnable worth 400 points during 32C3 CTF 2015. This is just a brief writeup of my solution, mostly to document a few things (in particular seccomp, which I’ve wanted to document for some time now).
-
Jan 2, 2016
32C3 CTF: Docker writeup
docker was a pwnable worth 250 points during 32C3 CTF 2015. The goal was to escape from a (slightly non-standard) docker container configuration.
-
Sep 21, 2015
CSAW 2015 - 'memeshop' writeup
‘memeshop’ was a pwnable worth 400 points in the latest CSAW CTF.
-
Jun 20, 2015
DEFCON 2015 Qualifiers 'babyecho' writeup
This is my writeup for the “babyecho” challenge from the DEFCON 2015 Qualifiers. It was worth 1 Point. (That’s probably the reason for the name babyecho.) Anyway, since this was my first time exploiting a format string vulnerability, I wanted to make a writeup.
-
Jun 1, 2015
Squareroots & KITCTF at GPN15
This announcement was intentionally left german.
-
Apr 26, 2015
PlaidCTF 2015 - TP writeup
tp was an exploitation challenge consisting of two parts, in total woth 620 points. For PlaidCTF we (KITCTF) teamed up with StratumAuhuur as “Eat Sleep Pwn Repeat” and me and Stephen worked together to solve this challenge during the CTF.
-
Mar 30, 2015
Advanced Heap Exploitation: 0CTF 2015 'freenote' writeup
freenote was a pwnable worth 400 points during 0CTF 2015.
-
Mar 27, 2015
Boston Key Party 2015 'Wood Island' writeup
Originally, I wanted to write up the write-up for the airport challenge, but since Niklas has already done that, I’m doing the Wood Island challenge instead. It was worth 150 points on the Boston Key Party 2015.
-
Mar 16, 2015
Smashing the Potato: Codegate 2015 'mashed_potato' writeup
mashed_potato was a pwnable worth 600 points during Codegate CTF 2015.
-
Mar 2, 2015
Boston Key Party 2015 'Sullivan Square' writeup
Sullivan Square was a reversing challenge worth 350 points at the Boston Key Party CTF 2015.
-
Mar 1, 2015
Boston Key Party 2015 'Airport' writeup
Airport was a cryptography challenge worth 500 points at the Boston Key Party CTF 2015.
-
Jan 19, 2015
GITS 2015 CTF 'aart' writeup
aart was a web challenge worth 200 points at the 2015 GITS CTF. There were several ways to solve it, three of which will be described here.
-
Jan 18, 2015
GITS 2015 CTF 'giggles' writeup
giggles was an exploitation challenge worth 300 points at the “Ghost in the Shellcode” CTF 2015.
-
Jan 12, 2015
InsomniHack Teaser - elysium writeup
Just a quick writeup for the elysium (200pts) challenge from the InsomniHack Teaser CTF 2015. We ended up making the 6th place during the CTF :)
-
Jan 9, 2015
31C3 CTF 'saas' writeup
saas was an exploitation challenge worth 50 points at the 31C3 CTF.
-
Dec 30, 2014
31C3 CTF 'mynx' writeup
tl;dr 1 byte overwrite => use after free condition => information leak through a format string. Combined again with the first two steps to gain code execution via a controlled call to system().
-
Dec 30, 2014
31C3 CTF 'devilish' writeup
devilish was a web challenge worth 30 points at the 31C3 CTF.
-
Dec 11, 2014
Basic Tools
CTFs are about the skill, not about the tools. Still, you’ll need a couple of tools to be successful.
In general a good advice is to get used to working with the OS shell. There’s really a lot of things you can do very quickly and effectively if you know your way around bash/zsh/your_favourite_shell_here and python or your_favourite_scripting_language_here. -
Dec 1, 2014
9447 CTF 2014 'europe' writeup
During 9447 CTF 2014, europe was a series of 3 exploitation challenges, all using the same binary. Each one would yield a different flag and in total those three flags where worth 700 points (200, 120, 380).
-
Nov 13, 2014
Staying up-to-date in infosec
tl;dr just subscribe to r/netsec on reddit.
The following is a list of sources to help you stay up-to-date in infosec. If you’re just starting out it probably still can’t hurt to read some of the posts and try to understand them. More often than not they’ll also point you to introductory resources for the topic. -
Nov 13, 2014
Getting Started with CTF
We’ve created a small guide to get you started with CTF and more or less infosec in general. There are a few selected resources for each of the major CTF disciplines that should help you get up to speed in those.
subscribe via RSS