- Solution guide - https://docs.google.com/document/d/1RCWwVwtxQcl0vf9X4b3Cyo7KDDLVKwGW5xKh5LhxlNI/edit?usp=sharing
- Videos for the challenges - https://www.youtube.com/watch?v=_brMPWHUClQ&list=PLT-LPGjotMdslqpw2MnJHXAEiGxYb0H-c
- Lottery:
- Redis duplicate key caching bug
- Regex is Evil
- user agent:
- Set the user agent to a special value to bypass auth
- amazon:
- Breaking OTP
- Racey:
- Race condition
- Injection city (6):
- Command injection
- Argument injection
- Code injection
- Template injection
- SQL injection
- XSS
- Basic memory corruption series(5):
- Corrupting a variable
- Controlling the variable
- Hijacking the control flow on function pointer
- Hijacking the control flow on RET address
- Shellcode - your own code
- Reused with mods from years past: https://github.com/mdulin2/SC3/tree/master/buf_series was used in years past.
- JavaScript ROP
- Airline creator (4):
- What's my seat?
- First mod - name
- Second mod - ticket class
- Check yourself before you wreck yourself
- No chars
- Odd
- GameBoy (gameboy) (2):
- Hackermon Null challenge 1:
stringsor hex editor to read password - Hackermon Null challenge 2: Use emulator w/ debugger to tamper memory
- Hackermon Null challenge 1:
- tpm_decode (2):
- Find the command
- Find the secret being stored
- Cracking:
- Easy way out
- A little salt
- Cesar Cipher
- Mean what you sign
- Loops 4
- xorbiant
- Mining - pseudo bitcoin mining
- Blockchain apprentice - OSINT on blockchain
- Bad key gen - brute forcing keys
- Hotel finding from only an image (Vanessa)
- Google Dork
- DNS Scavenger hunt (3):
- MX
- Hosting Provider
- Domain Registration Lookup
- Phreaking (4)
- ABCD
- Blue box (coins)
- Red box (free calls)
- Calling card (unused bonus challenge)
- LLMs (chatgpt) (2):
- Programmer Helper 3.5 (challenge 1): Bypass system prompt to make the GPT-3.5 chatbot say the forbidden word.
- Programmer Helper 4 (challenge 2): Bypass system prompt to make the GPT-4 chatbot say the forbidden word.
- Magician:
- Reverse engieering and decoding some content.