11 November : Baby Kernel 2

Last year you may have taken your first steps in kernel exploitation. It was not that hard, after all. This year we will take the second baby step. :-) nc babykernel2.forfuture.fluxfingers.net 1337 Playing around On each connection to the server, we see a kernel boot sequence printout ( we found


11 November : hack.lu CTF 2019 — Shiny Code

We got a video leaked of a new transmission technique working only with lights and colors. The company using it says it is completely secure because of its secret encoding. However, the whistleblower also says that the secret encoding is somehow encoded in the message itself. It uses an old,


11 November : Teen Kernel

The challenge description was : "The baby was cute and made sure to let you know if something is wrong. Now, the baby has grown into a teen, a stubborn one. He does not like to talk very much. Can you display some authority?" This challenge is the continuation of


11 November : Yield (reversing)

The challenge is an HTML file called index.html, which contains obfuscated and minified Javascript. When browsing the page we receive 34 prompts and after trying to enter some different strings they all lead to the same skull unicode character being displayed to the user. After passing it to a beautifier


11 November : Futuristic communications (misc)

Communication in the future is a big thing. With the rising amount of data in the internet new handshake techniques are required. Here is my implementation, where I can identify who did request which resources. In this challenge we receive a PCAP file from a custom authentication procedure between a


11 November : Parasite Validator

Challenge Description A rival pro profit tree planting enterprise has published a reporting solution for business inquiries, thinking it might help them gain reputation to increase sales. Fortuately for us they thought it would be a good idea to outsource the development and i believe it isn't secure at all.


11 November : HACK.LU CTF 2019

Cobol OTP challenge Description To save the future you have to look at the past. Someone from the inside sent you an access code to a bank account with a lot of money. Can you handle the past and decrypt the code to save the future? Setup The challenges include


11 November : Chat

Hacklu CTF 2019 Category:pwn - Difficulty: easy - points: 381 - solves: 16 To coordinate our efforts for a better future we started to build a chat program. While it doesn't have much functionality, yet, maybe you could have a look at it already to see if you can find


11 November : no risc no future

The challenge: We use microcontrollers to automate and conserve energy. IoT and stuff. Most of them don't use CISC architectures. In this challenge we are given 4 files. README.md and it's pretty self-explanatory. The actual challenge file is no_risc_no_future and the readme specifies we should run it using qemu-mipsel-static. This


11 November : Lamport Verify

The challenge: I finally managed to create a signature verification service powered by time, artificial intelligence, the power of music and the randomness of entanglement (well, Leslie and the Emperor Penguin's randomness also helped). It is resistent to all known and unknown attacks and will always be uncrackable. Leave and



defcon 2020 quals – fountain_ooo_relive

fountain-ooo-reliving Problem description We have found the fountain OOO RElive.

July 07,2020
defcon 2020 quals – uploooadit

Defcon Quals - uploooadit challenge We started off with a

July 07,2020
The dragon sleeps at night

Challenge overview The challenge description provided solely an ip &

March 03,2020