Here is the write-up for the CTF challenge #21 organized by the team PPP. I liked this one pretty much, I think it was a very good challenge a bit tricky but still a very good one. Congrats to PPP for this original idea

We were the first team to solve this challenge, so we got some extra breakthrough points, and as far as I’m concerned we where the only ones who solved it.
(more…)

Here is the write-up for the CTF challenge #10 organized by the team PPP. This was an easy one if you have been into Ham Radio.

The challenge description was as follows:

Well I’m not a forensics guy, but I decided to give a try to this challenge just for curiosity. As soon as I heard the audio it reminded me my old Ham Radio days. It sounded similar to the NOAA satellite transmissions used to transfer weather images…
(more…)

Continuing with the writeup saga about SbD wargames, today we’re talking about one challenge that made our brains literally burn. To be honest, that was primarily because we were so fuckin n00b we didn’t know how to use openssl right. Maybe because the excitement of the moment, maybe because we were to lazy to read a fucking manual or another unexplainable reason involving some weird planet alignment. I don’t care, and because that’s something involving the last stage of what will be our second writeup, we’ll forget about it for a moment. Let’s talk about bin02.
(more…)

About a week ago we had the pleasure of playing in the first SecurityByDefault wargame. What to say, we had enough variety of things to do to keep us busy thinking, learning, creating and applying. It was constructive, and so motivating we finally could get rid of this creepy apparent inactivity surrounding the entire page since our debut last summer in Las Vegas.

So, what are we going to talk about? Among the other challenges, there was one I think best summarizes the ideal of “hacking”. I’m talking about the last cryptography challenge we played, cry03.

cry03 was a good challenge despite its forgivable error. Although we couldn’t decrypt it, we followed the right path, and that’s what this post is all about.

(more…)

Here is the write-up for the DefCon 18 CTF service cohen which we got reversed and exploited during the night before the last day. Anyway we weren’t able to score a breakthrough with it cause somebody was exploiting it with bad offsets and caused a DoS on the service for all the teams, damn….

• Write-Up:  http://www.painsec.com/writeups/defcon18/defcon18-cohen.pdf
• Service Binary:  http://www.painsec.com/writeups/defcon18/cohend
• Exploit:  http://www.painsec.com/writeups/defcon18/cohen-exploit.c

Our team member Sakebomb, has written the write-up for this Crypto challenge from the Defcon 18 CTF Quals.

You can grab our Write-Up here or under the writeups section.

Cheers!

We are glad to announce that our team has finished on 7th place on Defcon Quals, so we’ll be on the final in Las Vegas!

It has been incredible to achieve that result 2 months after the team was created. Congrats to all the team!! It is fantastic to be able to work with you all.

See you in Vegas!!!

After many hours non-stop and a few sleep we are done with the Write-UP for the challenges of this CTF. Around 1000 people signed for the challenge and only 32 managed to finish it. We scored eight (not bad) even with most of the members of the team not participating.

You can grab our Write-Up here or under the writeups section.