This is the last part of the Capture The Fun series. Somehow, I just got the mood to write this now. Yes, 6 weeks after the event. I was busy dealing with life (career, family, and such). Well, actually most of my time was spent on learning pwn. I feel …

We are given an endpoint which we can connect to. The endpoint gives the following banner right after we connected:

---------------------------------------------------
-  Welcome to AEG (Automatic Exploit Generation)  -
---------------------------------------------------
I will send you a newly compiled binary (probably exploitable) in base64 format
after you get the binary, I will be waiting for your …

We are given a Linux Kernel Module named rootkit and a remote QEMU guest over ssh. Inside the remote QEMU guest, there's a file named flag which we can't open. There's also rootkit.ko which has the same hash digest as rootkit. Inspecting the syslog, there's a line which says …

After Cyber Jawara

Me and my team are fortunate enough to be selected to represent Indonesia in Cyber Sea Game 2017 as part of the 1st place prize. It's a CTF event held by partnership between Japan and ASEAN countries (I think, I'm not sure). The winner of the event …

After a long time urging to write a (not-so-random) story in my blog, finally I had the time to actually write some things. For my debut on my own blog, the first thing to write that comes to mind is my Capture the Flag (CTF) story. We start right when …