September 19, 2018

CSAW Quals 2018 - RE 400 - Not Protobuf

I’m in this company’s network and I’ve MITM’d this weird protocol between a dev client and server, but I can’t figure out how it works. Connect to reversing.chal.csaw.io:9002 and I’ll send the client traffic to you. Forward it on to the dev server at reversing.chal.csaw.io:9001 to figure out what’s going on. Once you’re ready, hit up the prod server at reversing.chal.csaw.io:9000 which should have a flag for you. Solved with jack2 and Plailect! Read more

November 6, 2017

HITCON CTF Quals 2017 - Footbook

Don’t like Facebook? Try our brand-new social networking service! tl;dr Proxy requests from 127.0.0.1:3000 to the remote server: socat TCP-LISTEN:3000,fork TCP:13.114.238.13:80 Register a Dropbox account with email address admin+something@footbook.meh Log in to site at 127.0.0.1:3000 using Dropbox OAuth Get flag! explanation We are presented with a very simple social media website that allows registered users to make public posts and send messages to other registered users (via their email address). Read more