BuckeyeCTF 2021 Writeups

rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) — Tue, 26 Oct 2021 14:51:06 +0800

Kinda disappointed I wasn’t able to do any Web ones (that weren’t solved already), but it’s alright. We got 7th place across all teams despite only having 4 members participating in this :)

Details	Links
CTFtime.org Event Page	https://ctftime.org/event/1434

BrainHack CDDC 2021 Writeups

rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) — Fri, 25 Jun 2021 12:00:06 +0900

I joined the Junior Category this year and I’ll be frank: this was quite badly organized. It seems that they did not conduct any proper dry runs of the event. They had broken challenges (missing crucial challenge information, missing code in files, non-functional websites) and the worst thing is that they do not even announce when they are aware of the problem, when they are working on rectifying it, and when they have fixed it. Instead, we were left to figure out ourselves that a particular challenge file had been silently changed, or a vital piece of information was quietly added into some challenge description.
There were also insufficent challenges (or they were of inadequate difficulty) to cover the duration of the event, which rendered their plan and timing of staggered challenge releases meaningless. Many hours before each challenge-release checkpoint, the top teams were already tied by their scores and idling. This means that the final winner would essentially be based only on the last challenge-release – which was a Web mission comprising 3 challenges. But because the final Web challenge was inoperative, the top teams basically came to a tie again while waiting for the challenge to be fixed after solving the other 2. Initially, no one knew it was broken so we did not even know what payloads we sent were supposed to work. And when they said it was supposedly fixed, it wasn’t. Isn’t that disorienting?
Some more side points to note is that they delayed the winners announcement livestream 3 times for a total of 6 hours, and the live scoreboard was alphabetically sorted rather than based on time in the event that scores were tied.
Honestly, what’s even scarier is that I heard the Senior Category had even more serious issues, such as being only able to login a day after the competition started…

Anyway, big shoutout to my team for trying their best to find time to work on this together! We came in 3rd and that’s satisfactory.
🎵 Haywood - Backbeat was a really good tune that I put on for this CTF :)

Buffer Overflow on rainbowpigeon

BuckeyeCTF 2021 Writeups

BrainHack CDDC 2021 Writeups