1. Capture The Fun: SECCON 2017 Final International Competition

    This is the last part of the Capture The Fun series. Somehow, I just got the mood to write this now. Yes, 6 weeks after the event. I was busy dealing with life (career, family, and such). Well, actually most of my time was spent on learning pwn. I feel …

    read more
  2. pwnable.kr: aeg (550)

    We are given an endpoint which we can connect to. The endpoint gives the following banner right after we connected:

    ---------------------------------------------------
    -  Welcome to AEG (Automatic Exploit Generation)  -
    ---------------------------------------------------
    I will send you a newly compiled binary (probably exploitable) in base64 format
    after you get the binary, I will be waiting for your …
    read more
  3. pwnable.kr: rootkit (400)

    We are given a Linux Kernel Module named rootkit and a remote QEMU guest over ssh. Inside the remote QEMU guest, there's a file named flag which we can't open. There's also rootkit.ko which has the same hash digest as rootkit. Inspecting the syslog, there's a line which says …

    read more
  4. Capture The Fun: Cyber Sea Game 2017

    After Cyber Jawara

    Me and my team are fortunate enough to be selected to represent Indonesia in Cyber Sea Game 2017 as part of the 1st place prize. It's a CTF event held by partnership between Japan and ASEAN countries (I think, I'm not sure). The winner of the event …

    read more
  5. Capture The Fun: Cyber Jawara 2017

    After a long time urging to write a (not-so-random) story in my blog, finally I had the time to actually write some things. For my debut on my own blog, the first thing to write that comes to mind is my Capture the Flag (CTF) story. We start right when …

    read more

page 1 / 3