- CTF, Cybersecurity, Reverse engineering and stuff
MetaCTF February 2025 Flash CTF
MetaCTF February 2025 Flash CTF consists of 5 challenges. Cookie Crackdown We’re auditing some websites to check if they’re GDPR compliant, and I’m pretty sure this site isn’t… Upon loading the site, we are presented with a modal requiring us to consent to cookies. From the challenge description and the web page, we can assume that the flag is probably stored as a cookie. Pressing F12 will bring up the Developer menu....
MetaCTF November 2024 Flash CTF
MetaCTF November 2024 Flash CTF consists of 5 challenges. Slithering Security Help me test my sssecurity, can you get the flag from this ssssecure sssscript? Download the challenge file here. We are provided with a small Python script that prompts the user for a password. If the correct password is entered, the script reveals the flag. Here’s the code: #!/usr/bin/env python3 SECRET_FLAG=b"\x54\x57\x56\x30\x59\x55\x4e\x55\x52\x6e\x74\x6b\x4d\x47\x34\x33\x58\x7a\x64\x79\x64\x58\x4d\x33\x58\x32\x4e\x73\x4d\x57\x34\x33\x63\x31\x39\x33\x61\x54\x64\x6f\x58\x33\x4d\x7a\x59\x33\x49\x7a\x4e\x33\x4e\x7a\x63\x33\x4e\x7a\x63\x33\x4e\x39" HASHED_PASSWORD = b'\x12\x1eW\x98\x00\xc1C\xff\xe3\xa9\x15\xde\xd9\x00\x9b\xc9' from base64 import b64decode from hashlib import md5 def check_password(password): m = md5() m....
MetaCTF Middleman
You managed to get access to a device (indicated in red) on the network shown below. One of the hosts on that network is sending the flag over HTTPS to another host every ~5 seconds. Can you intercept it? ? This environment is somewhat limited. Look through the tools available to you on the machine. The network you connect to is not shared with other participants. Connect with ssh [REDACTED] -p 7000...
MetaCTF October 2024 Flash CTF
MetaCTF October 2024 Flash CTF consists of 5 challenges. Only 3 of them are covered here. runCAPTCHA We’re tracking a cyber actor’s new malware campaign that’s using a fake reCAPTCHA check to infect computers. Thankfully, the malware itself seems to have been taken down, but >can you analyze the initial infection page to look for any signatures? When visiting the website, you are given “reCaptcha”, and upon clicking, a modal window appears, instructing you to verify that you are not a robot....
MetaCTF September 2024 Flash CTF
MetaCTF September 2024 Flash CTF consists of 5 challenges. Only 3 of them are covered here. Stack Smashers This is the first challenge. We are given the source code for a small C program that takes user input, writes it to a 16-byte buffer (buffer[16]), and then checks if memory.winner is set to true. If it is, the win() function is executed, which prints out the flag. The program uses gets() to read the input....