https://rainbowpigeon.me/tags/writeup/ Recent content in Writeup on rainbowpigeon Hugo -- gohugo.io en rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) ©2025 rainbowpigeon, All Rights Reserved Mon, 13 Jun 2022 00:20:06 +0900 https://rainbowpigeon.me/posts/seetf-2022-susware/ Mon, 13 Jun 2022 00:20:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 13 Jun 2022 00:20:06 +0900 https://rainbowpigeon.me/posts/seetf-2022-susware/ <p>This SEETF 2022 Reversing challenge only had 1 solve by AuroraDawn&rsquo;s gigx. no rev/pwn no life (r4kapig)&rsquo;s crazyman was really close though!</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1543">https://ctftime.org/event/1543</a></td> </tr> <tr> <td>Official SEETF Discord</td> <td><a href="https://discord.gg/JNVzKc7PJR">https://discord.gg/JNVzKc7PJR</a></td> </tr> <tr> <td>Official Event Landing Page</td> <td><a href="https://seetf.sg/seetf/">https://seetf.sg/seetf/</a></td> </tr> <tr> <td>Publicly-released Challenges</td> <td><a href="https://github.com/Social-Engineering-Experts/SEETF-2022-Public">https://github.com/Social-Engineering-Experts/SEETF-2022-Public</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup IDA Reverse Engineering CTF https://rainbowpigeon.me/posts/grey-cat-the-flag-qualifiers-2022/ Sun, 12 Jun 2022 13:42:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Sun, 12 Jun 2022 13:42:06 +0800 https://rainbowpigeon.me/posts/grey-cat-the-flag-qualifiers-2022/ <p>We got 4th overall and also qualified for the finals as the 3rd verified local team! My teammates were absolute beasts even though they were quite busy :) Challenge names with 🍭 are supposed to be &ldquo;easier&rdquo; while those with 🩸 come with first blood prizes (I managed to get 2!).<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> Leaderboard, final placings, prizes, and solves breakdown </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/leadergraph.png" alt="Leaderboard graph" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/scoreboard.png" alt="Scoreboard" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/finalists.png" alt="Finalists Discord announcement" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/first_blood.png" alt="First blood prizes Discord announcement" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/teamgraph.png" alt="Team solves graph" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/teambreakdown.png" alt="Team solves breakdown" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/individualgraph.png" alt="Individual solves graph" /><br /> <img src="https://rainbowpigeon.me/images/content/grey-cat-the-flag-qualifiers-2022/individualbreakdown.png" alt="Individual solves breakdown" /> </div> </div></p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFTime.org Event Page</td> <td><a href="https://ctftime.org/event/1643/">https://ctftime.org/event/1643/</a></td> </tr> <tr> <td>Official Grey Cat The Flag Discord</td> <td><a href="https://discord.gg/d9wbXEP2wN">https://discord.gg/d9wbXEP2wN</a></td> </tr> <tr> <td>Official Event Landing Page</td> <td><a href="https://ctf.nusgreyhats.org/">https://ctf.nusgreyhats.org/</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Android angr Burp Suite Go Haskell IDA Javascript Reverse Engineering Web Wireshark CTF https://rainbowpigeon.me/posts/ctfsg-ctf-2022/ Mon, 14 Mar 2022 00:16:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 14 Mar 2022 00:16:06 +0800 https://rainbowpigeon.me/posts/ctfsg-ctf-2022/ <p>We got <strong>3rd place</strong> which was quite an improvement from the result of our previous year&rsquo;s participation! I also managed to get a First Blood for <a href="#wordle">Wordle</a>.<br /> Anyway I apologize for my slight inactivity at the start of the year — I was quite busy so I didn&rsquo;t participate in any CTFs or events to write about. <br /> 🎵 <a href="https://www.youtube.com/watch?v=WXG_3Uktfms">Coldplay X Selena Gomez - Let Somebody Go (Kygo Remix)</a> 🎵<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> Leaderboard and placing announcement </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/ctfsg-ctf-2022/leaderboard.png" alt="Leaderboard with solves graph" /><br /> <img src="https://rainbowpigeon.me/images/content/ctfsg-ctf-2022/discord_announcement.png" alt="Placing announcement" /> </div> </div></p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official CTF.SG CTF Discord</td> <td><a href="https://discord.gg/Gn8DXWBV88">https://discord.gg/Gn8DXWBV88</a></td> </tr> <tr> <td>Official author writeups for my solved challenges</td> <td><a href="https://link.medium.com/D0dGLaJ3lob">https://link.medium.com/D0dGLaJ3lob</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Python IDA Reverse Engineering CTF https://rainbowpigeon.me/posts/htx-ic-2021/ Fri, 24 Dec 2021 00:12:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Fri, 24 Dec 2021 00:12:06 +0800 https://rainbowpigeon.me/posts/htx-ic-2021/ <p>I&rsquo;m really proud of my team for topping the scoreboard!<br /> This CTF was done through a 3D Unity game where there are 3 locations for you to explore and find challenges in. There were hiccups with some challenges but generally it was still fine. It would have also been nice if the in-game description texts for challenges were made selectable so that we could copy-and-paste them elsewhere for convenience and organization.<br /> 🎵 <a href="https://www.youtube.com/watch?v=8oT4NWfrZ1g">Afrojack, Lucas &amp; Steve, DubVision - Anywhere With You (Festival Mix)</a> 🎵<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> Scoreboard </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/htx-ic-2021/team.png" alt="Graph of challenge solves over time" /><br /> <img src="https://rainbowpigeon.me/images/content/htx-ic-2021/all_teams.png" alt="Graph of challenge solves over time" /> </div> </div></p> rainbowpigeon featured image CTF Writeup dotNET Burp Suite Forensics Javascript OSINT Steganography Reverse Engineering Wireshark Web CTF https://rainbowpigeon.me/posts/tisc-2021/ Mon, 22 Nov 2021 00:51:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 22 Nov 2021 00:51:06 +0800 https://rainbowpigeon.me/posts/tisc-2021/ <p>I could have been 5th place but unfortunately I did not officially qualify to be a real participant in this event. Still had a good time though, notwithstanding the fact that there was so much &lsquo;steganography&rsquo; and quite a bit of guesswork at certain points :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Event Information Page</td> <td><a href="https://www.csit.gov.sg/tisc/tisc-home">https://www.csit.gov.sg/tisc/tisc-home</a></td> </tr> <tr> <td>Official Event Landing Page</td> <td><a href="https://www.tisc.csit-events.sg/">https://www.tisc.csit-events.sg/</a></td> </tr> <tr> <td>Official Event Summary</td> <td><a href="https://www.csit.gov.sg/tisc/tisc-2021-summary">https://www.csit.gov.sg/tisc/tisc-2021-summary</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Android Autopsy Forensics IDA IoT Steganography SQL Injection Reverse Engineering Wireshark Web XSS CTF https://rainbowpigeon.me/posts/malwarebytes-crackme-3-2021/ Sat, 20 Nov 2021 09:51:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Sat, 20 Nov 2021 09:51:06 +0800 https://rainbowpigeon.me/posts/malwarebytes-crackme-3-2021/ <p>This CrackMe was a pleasure to complete! It was decently difficult for my level and I definitely learnt a lot. I was the 6th to submit, though I could have probably been faster if the release aligned with my timezone and I didn&rsquo;t spend that much time outside 😄. Nevertheless, I won the main prize for the writeup contest!<br /> Much appreciation to hasherezade for designing this CrackMe as well as releasing all her amazing tools that aid analysis. </p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Contest Announcement</td> <td><a href="https://blog.malwarebytes.com/threat-intelligence/2021/10/the-return-of-the-malwarebytes-crackme/">https://blog.malwarebytes.com/threat-intelligence/2021/10/the-return-of-the-malwarebytes-crackme/</a></td> </tr> <tr> <td>Official Contest Summary</td> <td><a href="https://blog.malwarebytes.com/threat-intelligence/2021/11/malwarebytes-crackme-contest-summary/">https://blog.malwarebytes.com/threat-intelligence/2021/11/malwarebytes-crackme-contest-summary/</a></td> </tr> <tr> <td>Github Gist Version of Writeup</td> <td><a href="https://gist.github.com/rainbowpigeon/1d6e3997a050e2b3bd6e67846c2c7085">https://gist.github.com/rainbowpigeon/1d6e3997a050e2b3bd6e67846c2c7085</a></td> </tr> </tbody> </table> rainbowpigeon featured image Writeup dotNET IDA Reverse Engineering CrackMe Malwarebytes CrackMe https://rainbowpigeon.me/posts/buckeyectf-2021/ Tue, 26 Oct 2021 14:51:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 14:51:06 +0800 https://rainbowpigeon.me/posts/buckeyectf-2021/ <p>Kinda disappointed I wasn&rsquo;t able to do any Web ones (that weren&rsquo;t solved already), but it&rsquo;s alright. We got 7th place across all teams despite only having 4 members participating in this :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1434">https://ctftime.org/event/1434</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Buffer Overflow Docker Forensics IDA OSINT Reverse Engineering Wireshark CTF https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-10-wizardcult/ Tue, 26 Oct 2021 13:21:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 13:21:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-10-wizardcult/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup Go IDA Reverse Engineering Wireshark Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-9-evil/ Tue, 26 Oct 2021 13:20:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 13:20:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-9-evil/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup IDA Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-8-beelogin/ Tue, 26 Oct 2021 12:57:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 12:57:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-8-beelogin/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup IDA Javascript Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-7-spel/ Tue, 26 Oct 2021 12:40:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 12:40:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-7-spel/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup IDA Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-6-petthekitty/ Tue, 26 Oct 2021 12:35:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 12:35:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-6-petthekitty/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup IDA Reverse Engineering Wireshark Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-5-flare-linux-vm/ Tue, 26 Oct 2021 00:17:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 26 Oct 2021 00:17:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-5-flare-linux-vm/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup Forensics IDA Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-4-myaquaticlife/ Mon, 25 Oct 2021 23:58:06 +0800 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 25 Oct 2021 23:58:06 +0800 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-4-myaquaticlife/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup IDA Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-3-antioch/ Mon, 25 Oct 2021 23:01:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 25 Oct 2021 23:01:06 +0900 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-3-antioch/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup Docker IDA Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-2-known/ Mon, 25 Oct 2021 22:48:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 25 Oct 2021 22:48:06 +0900 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-2-known/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup IDA Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-1-credchecker/ Mon, 25 Oct 2021 22:47:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 25 Oct 2021 22:47:06 +0900 https://rainbowpigeon.me/posts/flare-on-8-2021/challenge-1-credchecker/ <p>Thanks drome for sharing his knowledge and skills! He completed all 10 challenges and this series of writeups is done by him :)</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>Official Challenge Site</td> <td><a href="https://flare-on.com/">https://flare-on.com/</a></td> </tr> <tr> <td>Official Challenge Announcement</td> <td><a href="https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html">https://www.fireeye.com/blog/threat-research/2021/08/announcing-the-eighth-annual-flare-on-challenge.html</a></td> </tr> <tr> <td>Official Solutions</td> <td><a href="https://www.mandiant.com/resources/flare-on-8-challenge-solutions">https://www.mandiant.com/resources/flare-on-8-challenge-solutions</a></td> </tr> <tr> <td>Official Challenge Binaries</td> <td><a href="http://flare-on.com/files/Flare-On8_Challenges.zip">http://flare-on.com/files/Flare-On8_Challenges.zip</a></td> </tr> </tbody> </table> drome featured image Flare-On Writeup Javascript Reverse Engineering Flare-On Flare-On 8 https://rainbowpigeon.me/posts/pbctf-2021/ Mon, 11 Oct 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 11 Oct 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/pbctf-2021/ <p>Thanks to perfect blue for these nice challenges! The Binary Tree and Switching it up reversing challenges were probably also doable but I didn&rsquo;t really have the required skill to complete them within the given CTF duration 👍<br /> 🎵 <a href="https://www.youtube.com/watch?v=4Uc9IhBSW6k">Sander van Doorn x Lucas Steve - The World</a> is actually so good.</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1371">https://ctftime.org/event/1371</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Forensics IDA Reverse Engineering Wireshark CTF https://rainbowpigeon.me/posts/csaw-2021/ Mon, 13 Sep 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 13 Sep 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/csaw-2021/ <p>Pretty fun challenges (those that I solved at least) :) I usually don&rsquo;t even dare to touch anything ICS/SCADA related, but it turns out that these weren&rsquo;t overly technical. We were also so close to solving the last Web challenge &lsquo;scp-terminal&rsquo;! We had all steps nailed down except the very last&hellip;</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1315">https://ctftime.org/event/1315</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Forensics ICS IDA Reverse Engineering CTF https://rainbowpigeon.me/posts/standconctf-2021/ Sun, 25 Jul 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Sun, 25 Jul 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/standconctf-2021/ <p>Good job to my team for obtaining <strong>7th place</strong>! And also thanks to the challenge creators and organizers of course :)<br /> 🎵 <a href="https://www.youtube.com/watch?v=ZU-qvYPhFCw">Nicky Romero &amp; MARF ft. Wulf - Okay</a>🎵<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> My solves (4) table </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/standconctf-2021/solves.png" alt="Table of Solves" /> </div> </div></p> rainbowpigeon featured image CTF Writeup Burp Suite Deserialization LFI Path Traversal SQL Injection SSRF Web CTF https://rainbowpigeon.me/posts/cddc-2021/ Fri, 25 Jun 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Fri, 25 Jun 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/cddc-2021/ <p>I joined the Junior Category this year and I&rsquo;ll be frank: this was quite badly organized. It seems that they did not conduct any proper dry runs of the event. They had broken challenges (missing crucial challenge information, missing code in files, non-functional websites) and the worst thing is that they do not even announce when they are aware of the problem, when they are working on rectifying it, and when they have fixed it. Instead, we were left to figure out ourselves that a particular challenge file had been silently changed, or a vital piece of information was quietly added into some challenge description.<br /> There were also insufficent challenges (or they were of inadequate difficulty) to cover the duration of the event, which rendered their plan and timing of staggered challenge releases meaningless. Many hours before each challenge-release checkpoint, the top teams were already tied by their scores and idling. This means that the final winner would essentially be based only on the last challenge-release &ndash; which was a Web mission comprising 3 challenges. But because the final Web challenge was inoperative, the top teams basically came to a tie again while waiting for the challenge to be fixed after solving the other 2. Initially, no one knew it was broken so we did not even know what payloads we sent were supposed to work. And when they said it was supposedly fixed, it wasn&rsquo;t. Isn&rsquo;t that disorienting?<br /> Some more side points to note is that they delayed the winners announcement livestream 3 times for a total of 6 hours, and the live scoreboard was alphabetically sorted rather than based on time in the event that scores were tied.<br /> Honestly, what&rsquo;s even scarier is that I heard the Senior Category had even more serious issues, such as being only able to login a day after the competition started&hellip;</p> <hr /> <p>Anyway, big shoutout to my team for trying their best to find time to work on this together! We came in <strong>3rd</strong> and that&rsquo;s satisfactory.<br /> 🎵 <a href="https://www.youtube.com/watch?v=_4IYe0uQAWM">Haywood - Backbeat</a> was a really good tune that I put on for this CTF :)<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> Missions completed, team score, and player score </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/cddc-2021/announcement.png" alt="Placing announcement" /><br /> <img src="https://rainbowpigeon.me/images/content/cddc-2021/player_score.png" alt="Individual player score" /><br /> <img src="https://rainbowpigeon.me/images/content/cddc-2021/missions.png" alt="Missions completed and team score" /> </div> </div></p> rainbowpigeon featured image CTF Writeup Burp Suite Buffer Overflow Forensics IDA LFI OSINT Path Traversal PWN Reverse Engineering SMB SQL Injection Web Wireshark CTF https://rainbowpigeon.me/posts/zh3r0ctf-2021/ Sun, 06 Jun 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Sun, 06 Jun 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/zh3r0ctf-2021/ <p>Solved very little, but no excuses for this one :)<br /> 🎵 I was listening to <a href="https://open.spotify.com/album/0SkgI9DVsKoNpkM7JUWaGS">Alesso&rsquo;s PROGRESSO VOL 2</a> for this CTF!</p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1285/">https://ctftime.org/event/1285/</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Burp Suite Web XSS CTF https://rainbowpigeon.me/posts/norzhctf-2021/ Mon, 24 May 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Mon, 24 May 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/norzhctf-2021/ <p>Very unique CTF! Alongside challenges that got you to work with provided files, there was an OSCP-virtual-labs-style network with both external-facing and internal developer and admin subnets. Network reconnaissance and pivoting had to be performed. Unfortunately, I solved little challenges as I only started seriously on the second day :) The delays and infrastructure issues doused the flames of my enthusiasm&hellip; </p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1301">https://ctftime.org/event/1301</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Burp Suite SQL Injection SSRF Web Werkzeug CTF https://rainbowpigeon.me/posts/dawgctf-2021/ Sun, 09 May 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Sun, 09 May 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/dawgctf-2021/ <p>Thanks organizers! I enjoyed the Binary Bomb reversing challenges. We got 13th place. Sadly solved less for this one but it was fun trying some RE which I usually avoid. My 9 failed solves were because of Toilet Humor 5.<br /> 🎵 <a href="https://www.youtube.com/watch?v=s8cWFsr9jY8">Armin van Buuren feat. RBVLN - Weight Of The World (Club Mix)</a> powered me during this CTF :)<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> My solves (10) graph and category breakdown </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/dawgctf-2021/graph.png" alt="Graph of challenge solves over time" /><br /> <img src="https://rainbowpigeon.me/images/content/dawgctf-2021/breakdown.png" alt="Category breakdown of challenge solves" /> </div> </div></p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1319/">https://ctftime.org/event/1319/</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Forensics Hashcat IDA OSINT Reverse Engineering Steganography CTF https://rainbowpigeon.me/posts/umdctf-2021/ Tue, 27 Apr 2021 12:00:06 +0900 rainbowpigeon.helge[AT]8alias.com (rainbowpigeon) Tue, 27 Apr 2021 12:00:06 +0900 https://rainbowpigeon.me/posts/umdctf-2021/ <p>I appreciate the organizers for putting this CTF together because I enjoyed it a lot. It was at a very appropriate difficulty level for novices. Many thanks to my teammates for helping out. Even though it was only basically 2 active players 🙂, we managed to get <strong>8th place</strong>, which I am pretty satisfied with considering our little experience.<br /> 🎵 For this CTF I was listening to <a href="https://www.youtube.com/watch?v=qV8USJ_XN7Q">Kygo - Gone Are The Days ft. James Gillespie</a>!<br /> <div class="expand"> <button type="button" class="expand__button" aria-label="Expand Button"> <span class="expand-icon expand-icon__right"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M9.29 15.88L13.17 12 9.29 8.12c-.39-.39-.39-1.02 0-1.41.39-.39 1.02-.39 1.41 0l4.59 4.59c.39.39.39 1.02 0 1.41L10.7 17.3c-.39.39-1.02.39-1.41 0-.38-.39-.39-1.03 0-1.42z"/></svg> </span> My solves (22) graph and category breakdown </button> <div class="expand__content"> <img src="https://rainbowpigeon.me/images/content/umdctf-2021/graph.png" alt="Graph of challenge solves over time" /><br /> <img src="https://rainbowpigeon.me/images/content/umdctf-2021/breakdown.png" alt="Category breakdown of challenge solves" /> </div> </div></p> <table> <thead> <tr> <th>Details</th> <th>Links</th> </tr> </thead> <tbody> <tr> <td>CTFtime.org Event Page</td> <td><a href="https://ctftime.org/event/1288">https://ctftime.org/event/1288</a></td> </tr> <tr> <td>Publicly-released challenges</td> <td><a href="https://github.com/UMD-CSEC/UMDCTF-2021-Public-Challenges">https://github.com/UMD-CSEC/UMDCTF-2021-Public-Challenges</a></td> </tr> </tbody> </table> rainbowpigeon featured image CTF Writeup Burp Suite Forensics Hashcat OSINT Shodan SQL Injection Steganography Volatility Web Wireshark CTF