3DSCTF2016 - pwn200-not_the_same

A lammer friend ask for your help to exploit a new bin. Can you help him? Send to 54.175.35.248 8006 PS: You dont need shell access to retrieve this flag. The binary have everything. PS 2: Send to the server like you would do through netcat. Ex:…

SHX1 - pwn300-bubble_bass

Bubble Bass has a vulnerable service. Can you exploit it and read the flag.txt file? Server: 34.197.58.21 Port: 9997 Category: Potent PwnablesPoints: 300 Do you need a clue? Click here (http://pastebin.com/E8ijeZnH) Solution Connected to the server.. ..the server asks me to add two…

3DSCTF 2016 - prog200-different_and_notorious_alignment

Access the server in 209.190.1.131:9002 Same situation we encountered at the prog100-alien_dna1 challenge. But this time it's not a simple difference between set's, looks more complex and the description trolled again, ignore. You need to make a program to check all repeated combinations on given…

3DSCTF 2016 - prog100-alien_dna1

Access the server in 54.175.35.248:8001 Solution No secret here, we need to figure out the logic behind the correct answer and send it to server. The picture seems more confusing than helping and I doubt there is any relationship with real DNA subtracting. After some trial…

33C3CTF : web200-pay2win

Do you have enough money to buy the flag? http://78.46.224.78:5000/ Solution The web application list two products to buy.. Cheap Which you can buy with valid card generated here Flag Accept the valid card but return a limit exceeded error message: Analyzing callback data When…

3DSCTF 2016 : rev200-getstarted

get_started() - A very proud programmer hid a flag in his binary. Can you extract it? Send to 54.175.35.248 8005 Flag format: 3DS{flag} Solution Received a ELF 32bit binary named get_started that asks for a "palavrinha magica" (password) when executed.. ..and quits w/ wrong…

3DSCTF 2016 : web200-mapos

MapOs - I just overheard a conversation from the company next door to MapOs and found out that their main system is being updated due to 2 bugs. One of them is related to authentication, but I don't know nothing about the other one besides the fact that it could…

3DSCTF 2016 : stego300-simone_entao_e_natal

Simone - Entao e natal - The end of the year has come... and along with him comes these things of always in Brazil... Simone, Roberto Carlos's special presentation, etc. It seems that some crazy guy for Simone has hidden a flag on her album. Can you find it? P.…

3DSCTF 2016 : misc100-base3200

base3200 - One more message sent by R3cursiv3 Hacker was intercepted. You challenge is to decode the message and reveal the flag. The recovered message is on the attached zip file. Solved by 89 Teams Created by @ea_sh Solution I received a zip file w/ a giant(45mb) msg.…

3DSCTF 2016 : crypto100-cryptomaster

John says that he is the master of his personal server. He created a script that talks to him as if it was his disciple. The problem is that in order to access the server, one needs to know the logic used by the script. Access the server and get…

3DSCTF 2016 : rev100-warmup

Find the flag inside the binary. Flag format: "3DS{flag}" Solution Received a file rev1.rar w/ a binary(rev1_merces) ELF 32bit Strings returned something.. Tried this fake flag and some combinations: 3DS{c0ruj0u}, 3DS{c0ruj0u_te_prende}.. no success. Launched radare2 and look for the functions.. $ radare2 -Ad…

3DSCTF 2016 : crypto100-hotsun

Surfing in the Shallowweb, we have discovered a new algorithm that promises to be the newest substituition cipher. The algorithm to encrypt works as following: the user informs the text to be encrypted and a number N. Initially, the algorithm shift all letters one position to the right (e.g.…

ClimbU : Dynamic and open source live scoring for comps

ClimbU Livescoring is a multiplatform application that allows anyone to manage/display real-time scores. Originally developed for climbing competition(marathon) but can be easily adapted to other sports, other formats. Package intrd/climbu-livescoring Version 3.0 Tags competition, score, display, php, climbing, ranking Project URL http://github.com/intrd/climbu-livescoring…

CryptoWall : Ransomware, métodos de recuperação dos arquivos sequestrados [pt_BR]

Há algum tempo, um amigo solicitou ajuda para entender como um computador de sua empresa, isolado pelo Firewall + AV corporativo havia sido infectado por um Ransomware, o qual "sequestrou" todos seus documentos. Todos os arquivos foram recuperados com sucesso e identificamos o modus operandi do Ransomware. Resolvi então escrever este…

Powerful USB stick : Grub2 booting Mint, Tails and Hirens + (storages NTFS and ext4 LUKS encrypted)

A perfect USB stick for me need in addition to storing files, be a powerful tool for all situations. Thinking about it, I used the GRUB2 and some tricks to create a bootable stick that runs perfectly: Hirens Boot CD 15.2 (Backup & Rescue tools) Linux Mint 17.2…

Kdenlive : The best open source video editor, fixing crashs on Linux Mint

Today I've spent some time testing the Top 3 Linux Open Source video (timeline based) editors. Using a box with Linux Mint 17.2 [xfce4].. Started w/ the Python coded Piviti - buggy and crashes.. Blender - Yes. this powerful Animator software can edit videos like a boss, but.. didn't…

SQLite : DBIntrd - Simple PHP framework for SQLite3 databases

Tired of spending a lot of time manually creating PHP objects and methods(get/set/save..) to connect a SQLite database? DBIntrd is magic way to automatically create objects and persists data at SQLite3 tables. Package details package: DBIntrd version: 1.6 category: sqlite author: intrd - http://dann.com.…

Mech keyboard : CM Quick Fire TK - AutoHotKey, Numpad navigation(home, pgup, arrows) w/ numlock enabled

Bought this amazing mechanical keyboard recently. Chose this model precisely because it is compact, but ended up into one inconvenient. The NUMLK needs to be disabled every time you want to use some of the navigation keys(home, del, pgup..), and yes.. this is really annoying when you're coding. Solution?…

Bitcoin : Raspberry Pi - Bitcoin standalone chart monitor

With this method you will be able to display BitcoinWisdom data or even your custom Tradingview chart into a auto-bootable fullscreen minimalist linux device. The chart stored in the Tradingview can be easily customized from any computer on-the-fly without needing to change anything on Pi. Description This project consists in…

Bitcoin : Guia definitivo, parte 2/3: Experiências e técnicas de mineração de criptomoedas [pt_BR]

Devido à dificuldade de mineração sempre crescente do Bitcoin, esta tarefa tem se tornado uma batalha de gigantes, acabando sendo inviável até mesmo para quem esteja disposto a investir alto em hardware. Neste artigo vou detalhar os princípios de mineração desde o Solo Mining até P2P e Cloud-mining, tomando como…

Bitcoin : Guia definitivo, parte 1/3: Ideologia e estrutura da rede [pt_BR]

Bitcoin é uma moeda digital baseada numa tecnologia que tem o potencial de mudar a forma como realizamos transações monetárias, e sem dúvidas causar um impacto gigantesco na economia mundial. Não se limitando apenas à Economia, essa tecnologia se estende para qualquer sistema dependente de registros à prova de adulteração.…

Bitcoin : HAL 10K - Bitcoin PHP trading & helper bot

This project are DEPRECATED ..and moved to a closed source project.. https://github.com/intrd/bitcoin-tofybot Official post -> HAL 10K @ PHP Bitcoin trading & helper bot GitHUB stable Source code Bitcointalk announcemnt thread After losing some money on Bitcoin exchanges, I decided to develop my own Trading bot/helper.…