The original code is here: anarchy golf - the source code I modified it a bit so it will support Python 3 as well without breaking the code. Instead of using the print statement(Py2)/function(Py3), I replace it with __import__('sys').stdou…

My first CTF programming solution without bug :3 (or at least I haven't found any yet :p) When we first connect to the server, we are given a 12-byte string. And in order to prove that we are "not robot", we must reply with a 20-byte strin…

My code is kinda messy and buggy :<. I can fix it, but I would like to keep things like during the contest (sorry for this weird habit :p). So I will outline my ideas from my solution here: For level 0 and 1, I use Google Geocoding API (ht…

Decompile the provided APK file with http://www.decompileandroid.com/, and then open the file MainActivity.java at /com/ctf/vezel, I found this: // Decompiled by Jad v1.5.8e. Copyright 2001 Pavel Kouznetsov. // Jad home page: http://www.ge…

I am a newbie at CTFs so there will be many errors in this writeup. If you found one (or some), please leave a comment or send me an e-mail :D. Thank you :D On the main page we see an upload form, so we can guess that this site has a Local…

I am a newbie at CTFs so there will be many errors in this writeup. If you found one (or some), please leave a comment or send me an e-mail :D. Thank you :D Try to run the binary with ltrace, I got: junior_guest@ip-172-31-0-234:/home/urand…

I am a newbie at CTFs so there will be many errors in this writeup. If you found one (or some), please leave a comment or send me an e-mail :D. Thank you :D Basic buffer overflow exploitation. We got the following code: #include <stdio.h> #include <stdlib.h></stdlib.h></stdio.h>…