hateful2

This post is a write-up for the pwn.hateful2 challenge in Nullcon Goa HackIM 2025 CTF. root@72f9eb9e3ebc:/chal/NULLCON/hateful2# ./ld-linux-x86-64.so.2 --library-path . ./hateful2 _______ _________ _______ _______ _ _______ |\ /|( ___ )\__ __/( ____ \( ____ \|\ /|( \ / ___ ) | ) ( || ( ) | ) ( | ( \/| ( \/| ) ( || ( \/ ) | | (___) || (___) | | | | (__ | (__ | | | || | / ) | ___ || ___ | | |

PowerPlay

By Smallfoot Feb 1, 2025

*nix philosophies

A CSAW '24 Quals challenge

Is There an Echo

Maybe next time you should record your music in an acoustically treated space by slimecat Plug This challenge was written for CSAW 2024 qualifiers by a member of NYU's OSIRIS Lab. CSAW is the world's most comprehensive student-run cybersecurity event and it's hosted here

Exfilter

This was the easiest rev challenge in brics+ CTF, hosted by ITMO in Russia with the support of several (as of the time of writing) US sanctioned Russian companies. The challenge includes two files, exfilter.ko, a kernel module, and exfilter_traff.pcapng, a network capture. Opening exfilter_traff.pcapng

shELFing

This is the first, and easiest challenge in the brics+ CTF, hosted by ITMO in Russia with the support of several (as of the time of writing) US sanctioned Russian companies. This challenge suggests that you have to send a tiny ELF x64 executable which calls /bin/sh or equivalent.

DEFCON 2022 Quals: hash-it-0

shellcoding using hash functions! hash it 0 The hash-it-0 challenge is from DEFCON’s 2022 qualification round. It is like a normal shellcoding challenge but with mild steroids… The challenge involves shellcoding and we need to encode the shellcode for the target program to process and execute. Analysis The challenge

GPU accelerated SMT constraint solving

By applying traditional fuzzing techniques, we achieved high throughput SMT constraint solving. We were able to achieve 23 billion execs/s using GPU acceleration. SMT solvers typically apply very complicated algorithms to determine if a set of constraints is satisfiable (and produce a solution). The approach that we have taken

CUDA Reversing Challenge

This year’s CSAW quals was the first time I authored a challenge, the challenge is called krakme and it was a 200pt rev challenge. You can view the challenge files in the repo here. The idea for this challenge was formed after reading this paper The impact of GPU-assisted

DawgCTF 2020 - Where we roppin boys?

CTF Writeup for DawgCTF 2020: Where we roppin boys? DawgCTF 2020: Where we roppin boys? (350 points) * Challenge author: trashcanna Challenge files can be found here. Overview The rop program we are presented with is quite simple. main runs the welcome function, then the tryme function. The welcome function mmaps

Vasilisk

Vasilisk is a V8 JIT fuzzer that focuses on optimization passes. Background Fuzzing consists of randomized input generation to automate the process of finding crashes in programs. The probability of finding a crash increases as code coverage in the application increases. In a well formed fuzzing campaign, test cases are

Reverse Engineering Go, Part II

This post is on how the Ghidra decompiler works, and how to make it work for Go. Part 1 At the time of writing, the most recent major version of Go is Go 1.13 golang.org The most recent major version of Ghidra is Ghidra 9.11 github.com/