Category: writeups

• Jun 1, 2024 GPNCTF: Trapdoor author writeup

  For the GPNCTF I wrote a crypto challenge. It was called Trapdoor and at least I thought about using advanced mathematics to solve it.

• Mar 29, 2024 KalmarCTF 2024: Symmetry writeup
• Mar 29, 2024 Google Capture The Flag 2023: oldschool and UBF writeup
• Mar 3, 2024 BraekerCTF 2024 – Injecting Commands – Writeup
• Oct 31, 2023 CSR23 simple-asm
• Oct 31, 2023 CyberSecurityRumble Quals & Finals 2023: Exterminate & PCaS
• Oct 31, 2023 Cyber Security Rumble Finals CTF 2023 – elkcip – Writeup
• Apr 11, 2023 hxp CTF 2022 tex_based_adventure: Post-CTF writeup
• Feb 10, 2023 KITCTFCTF 2022 Slots Writeup
• Feb 10, 2023 DiceCTF 2023: parallelism and not-baby-parallelism writeup
• Jan 16, 2023 Real World CTF 2023: ChatUWU Writeup

  Real World CTF 2023 is a jeopardy-style capture-the-flag event, known for its realistic challenges. We participated as part of the Sauercloud CTF team.

• Jan 8, 2023 Real World CTF 2023: Happy-Card Writeup

  Real World CTF 2023 was a jeopardy-style capture-the-flag event. We participated as part of the Sauercloud CTF-team.

• Dec 25, 2022 KITCTFCTF 2022 V8 Heap Sandbox Escape
• Jul 21, 2022 Google CTF 2022 Js Safe 4.0

  Google CTF 2022 was my first jeopardy CTF with KITCTF. This is my write-up for the challenge Js Safe 4.0.

• Jul 21, 2022 Google CTF 2022 APPNOTE.txt

  Google CTF 2022 was my first jeopardy CTF with KITCTF. This is my write-up for the challenge APPNOTE.txt.

• Apr 25, 2022 b01lers CTF 2022: resnet Model Inversion
• Feb 17, 2022 Defcamp 2022 Writeups

  Here are a few writeups from the tasks we solved at DefCamp Capture the Flag 2022.

• Jan 31, 2022 Insomnihack Teaser 2022: Herald
• Dec 19, 2021 hxp CTF 2021: Shitty Blog
• Nov 30, 2021 Cyber Security Rumble 2021: UnknownOrigin
• Nov 30, 2021 Cyber Security Rumble 2021: Unaffordable
• Nov 30, 2021 Cyber Security Rumble 2021: FollowTheLeader
• Nov 30, 2021 Cyber Security Rumble 2021: CSRunner
• Nov 17, 2021 hack.lu CTF 2021: Touchy Logger
• Nov 17, 2021 hack.lu CTF 2021: PYCOIN
• Nov 16, 2021 ASIS CTF 2021: Madras
• Nov 16, 2021 ASIS CTF 2021: Gesture
• Nov 16, 2021 ASIS CTF 2021: Factory
• Nov 16, 2021 ASIS CTF 2021: Crypto Warm up
• Jun 28, 2020 CSCG 2020: Xmas Shopping Site

  Like a few other members of KITCTF I participated in the 2020 Cyber Security Challenge Germany Qualification. This is a writeup for “Xmas Shopping Site”, one of the three web challenges that were part of the CTF.

• Aug 26, 2017 HITB GSEC 2017: babyqemu

  This is a short writeup explaining how I solved the “babyqemu” challenge of HITB GSEC 2017. I greatly enjoyed solving the challenge since I had never before written any kind of hypervisor escape.

• Jul 10, 2017 Polictf 2017 - pyzzeria

  This is a writeup for a fun web(+pwn) challenge called ‘pyzzeria’ from this year’s Polictf.

• Jun 19, 2017 Google CTF Quals 2017 - The X Sanitizer

  We participated as Eat Sleep Pwn Repeat in the qualifications for Google CTF last weekend. As expected, the CTF contained some great challenges, one of them being The X Sanitizer, a medium web challenge.

• May 1, 2017 DEF CON CTF Quals 2017: insanity insanity insanity insanity insanity insanity insanity insanity insane

  DEF CON Quals were this weekend, and as always, they delivered some of the hardest pwning challenges we’ve seen this year. insanity was not even one of them, but we still spent several hours solving it, and had tons of fun. The concept is a classic: The program implements a custom VM with weird operations, and you have to reverse and exploit it…

• Sep 5, 2016 Tokyo Westerns/MMA CTF: Hastur Writeup

  hastur was a web/pwnable/forensics, but really actually pwnable challenge in Tokyo Westerns/MMA CTF 2016. It had three stages with three different flags, with a combined point value of 850.

• May 31, 2016 HITB CTF 2016: 'Special Delivery' writeup

  Just a small writeup for “Special Delivery” (network 300) from HITB CTF 2016.

• Apr 28, 2016 CONFidence 2016 Teaser 'spkac' writeup

  This is a writeup for the “spkac” challenge from the CONFidence 2016 Teaser CTF. It was a cryptography challenge worth 200 points.

• Jan 3, 2016 32C3 CTF: Ranger writeup

  ranger was a pwnable worth 400 points during 32C3 CTF 2015. This is just a brief writeup of my solution, mostly to document a few things (in particular seccomp, which I’ve wanted to document for some time now).

• Jan 2, 2016 32C3 CTF: Docker writeup

  docker was a pwnable worth 250 points during 32C3 CTF 2015. The goal was to escape from a (slightly non-standard) docker container configuration.

• Sep 21, 2015 CSAW 2015 - 'memeshop' writeup

  ‘memeshop’ was a pwnable worth 400 points in the latest CSAW CTF.

• Jun 20, 2015 DEFCON 2015 Qualifiers 'babyecho' writeup

  This is my writeup for the “babyecho” challenge from the DEFCON 2015 Qualifiers. It was worth 1 Point. (That’s probably the reason for the name babyecho.) Anyway, since this was my first time exploiting a format string vulnerability, I wanted to make a writeup.

• Apr 26, 2015 PlaidCTF 2015 - TP writeup

  tp was an exploitation challenge consisting of two parts, in total woth 620 points. For PlaidCTF we (KITCTF) teamed up with StratumAuhuur as “Eat Sleep Pwn Repeat” and me and Stephen worked together to solve this challenge during the CTF.

• Mar 30, 2015 Advanced Heap Exploitation: 0CTF 2015 'freenote' writeup

  freenote was a pwnable worth 400 points during 0CTF 2015.

• Mar 27, 2015 Boston Key Party 2015 'Wood Island' writeup

  Originally, I wanted to write up the write-up for the airport challenge, but since Niklas has already done that, I’m doing the Wood Island challenge instead. It was worth 150 points on the Boston Key Party 2015.

• Mar 16, 2015 Smashing the Potato: Codegate 2015 'mashed_potato' writeup

  mashed_potato was a pwnable worth 600 points during Codegate CTF 2015.

• Mar 2, 2015 Boston Key Party 2015 'Sullivan Square' writeup

  Sullivan Square was a reversing challenge worth 350 points at the Boston Key Party CTF 2015.

• Mar 1, 2015 Boston Key Party 2015 'Airport' writeup

  Airport was a cryptography challenge worth 500 points at the Boston Key Party CTF 2015.

• Jan 19, 2015 GITS 2015 CTF 'aart' writeup

  aart was a web challenge worth 200 points at the 2015 GITS CTF. There were several ways to solve it, three of which will be described here.

• Jan 18, 2015 GITS 2015 CTF 'giggles' writeup

  giggles was an exploitation challenge worth 300 points at the “Ghost in the Shellcode” CTF 2015.

• Jan 12, 2015 InsomniHack Teaser - elysium writeup

  Just a quick writeup for the elysium (200pts) challenge from the InsomniHack Teaser CTF 2015. We ended up making the 6th place during the CTF :)

• Jan 9, 2015 31C3 CTF 'saas' writeup

  saas was an exploitation challenge worth 50 points at the 31C3 CTF.

• Dec 30, 2014 31C3 CTF 'mynx' writeup

  tl;dr 1 byte overwrite => use after free condition => information leak through a format string. Combined again with the first two steps to gain code execution via a controlled call to system().

• Dec 30, 2014 31C3 CTF 'devilish' writeup

  devilish was a web challenge worth 30 points at the 31C3 CTF.

• Dec 1, 2014 9447 CTF 2014 'europe' writeup

  During 9447 CTF 2014, europe was a series of 3 exploitation challenges, all using the same binary. Each one would yield a different flag and in total those three flags where worth 700 points (200, 120, 380).