Starting Point

Welcome to the world of CTFs! Here, we strive to capture 'flags'. These flags are generally short strings of text that we use to prove we've completed a hacking challenge, either in the intended way or an unintended one.

Try it out, submit this flag!

CTF{H3ll0_w0rld}

Not all flags will be that easy to capture. Often you will know where the flag is, but not how to capture it. The location of the flag is often referred to as a 'flag store'. This may be an admin page on a website, the password to a program, or a file in the home directory of a server. The challenge is to get access to these flag stores.

See if you can get the flag from the server.

The format here is nc <ip address> <port>, which means that the server is listening on that port at that address. There are several ways you can connect to it. On Linux the easiest way is to type nc <ip address> <port>. On Windows you could use WSL to get the same functionality or use something like PuTTY; however, we recommend using WSL or Linux for these CTF challenges.

nc challs.studsec.nl 8101


Often, you won't immediately know the solution to a challenge; this is what makes hacking a skill. To solve these challenges, you will generally need three things. The first of these is often referred to as 'enumeration'.

Enumeration, or discovery, is the process of looking around for things you do have access to and seeing how these systems interact with each other. See if you can find out what kind of web server this website is running; looking at the raw request and metadata might come in handy. (Note: the flag has already been properly formatted as CTF{}.)

http://challs.studsec.nl:8190/


Once you've identified what you're working with, you'll want to understand the system and think of creative ways to interact with it. These three steps are not set in any particular order, and you'll often find yourself constantly moving between all three.

Programmers often don't intend for restrictions to be bypassed. Instead, you'll have to think of things the programmers didn't consider; you'll have to be creative. Now that you know what program is running the web server, see if you can find a bug.

http://challs.studsec.nl:8190/


To bypass the restrictions, or exploit a bug you might have found, you'll need to understand what you're attacking. This is where research comes in: by reading documentation, blog posts or other CTF writeups you can understand both what you're attacking and how to attack it.

See if you can use the bug you found to read the file /flag.txt through the Flask debugger.

http://challs.studsec.nl:8190/


Web

Welcome to the world of web application exploitation, a world dedicated to exploiting that which we use nearly every day: websites.

Can you get the flag? Your browser's developer tools might come in useful.

http://challs.studsec.nl:8180/


As you saw in the previous challenge, sometimes restrictions are implemented on the client side, in your browser.

Because you are in full control of your browser, it is almost always possible to bypass these restrictions and send whatever data you want to the server. There are several tools to make this easier; one of the most popular is Burp Suite.

See if you can solve the challenge again, without the browser's developer tools. For a quick introduction see here

http://challs.studsec.nl:8185/


Crypto

Welcome to the world of cryptography, a world dedicated to the security and integrity of data.

Before a cryptographic operation, data is often first encoded. Can you decode this hex-encoded string?

0x4354467b57336c634f6d655f74305f43727950746f4772347068797d

One of the most important operations within cryptography is the exclusive or, XOR. Put simply, if you have the following binary sequences:

101110
100111

XORing them would yield the following:

001001

Interestingly, if we now XOR this result with one of the original binary sequences we get the other one.

101110
001001
------
100111

This property makes XOR reversible and very useful for symmetric cryptography. See if you can XOR the following hex-encoded flag with the XOR key thissuperkey.

0x373c2f082b45020c1c0c4404
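
The hex decoding and the XOR property described above, as an added Python example that is not part of the original page. The key, plaintext and ciphertext are constructed sample values (not the challenge's), and the function names are hypothetical. It goes one step beyond the text: the same reversibility means that knowing part of the plaintext reveals the matching key bytes, which is why a short reused XOR key protects very little.

```python
from itertools import cycle

def from_hex(text: str) -> bytes:
    """Decode a hex string, accepting the optional 0x prefix used on this page."""
    text = text.strip()
    if text[:2].lower() == "0x":
        text = text[2:]
    return bytes.fromhex(text)

def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key when it is shorter than the data."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(d ^ k for d, k in zip(data, cycle(key)))

def recover_key_prefix(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """Ciphertext XOR known plaintext gives the key bytes used at those positions."""
    return xor(ciphertext[:len(known_plaintext)], known_plaintext)

# Constructed sample values, not the challenge's key or flag.
KEY = b"demo"
PLAINTEXT = b"CTF{constructed_sample}"
CIPHERTEXT_HEX = "0x" + xor(PLAINTEXT, KEY).hex()

if __name__ == "__main__":
    ciphertext = from_hex(CIPHERTEXT_HEX)
    print(xor(ciphertext, KEY))                    # applying the key again decrypts
    print(recover_key_prefix(ciphertext, b"CTF{")) # known flag prefix exposes the key
```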

For modern cryptography, it's often easier to work with data programmatically. One excellent Python library for this is pycryptodome. See if you can complete the included script to decrypt the flag.

Download files

Reversing

Welcome to the world of reverse engineering, a world dedicated to discovering and documenting the behavior of programs.

These programs do not always have to be binaries; they could also, for example, be obfuscated code. Can you recover the password?

Download files

Some programs are compiled into binaries, that is, machine code. This means you cannot simply open the file to see how it works; instead we have to decompile them.

This is called static reverse engineering. It does not involve running the program and is often safer, especially when analyzing malware. One tool for this is Ghidra, which supports several analysis passes and attempts to decompile the binary back to its original code.

See if you can use it to reverse engineer this binary.

Download files

Often, it's a lot faster to figure out how a program works by running it. This allows us to skip over understanding certain functionality and instead just observe the inputs and outputs. However, for this we often want to have a deeper level of insight into the program than is normally provided.

To achieve this, we can use debuggers. On Linux, one of the most widely used debuggers is GDB. For both reversing and pwn challenges you might want to use a plugin like GEF.

See if you can find the password to the following binary using a debugger. Three commands you'll likely need are disass main (disassemble a function, in this case main), b *addr (set a breakpoint at a given memory address) and c (continue program execution).

Download files

PWN

Welcome to the world of PWN, a world exploring the limits of the lower levels of the computer.

Can you bypass this password check?

Credit: VUBar (barbito)

nc challs.studsec.nl 8100


Download files

In the world of binary exploitation we often want a high degree of precision when interacting with the binary we are trying to exploit: what bytes are received, what bytes are sent, how they are encoded, etc. One really useful tool for this is a library called pwntools.

This challenge provides a simple calculator: if you solve 100 equations in 2 seconds you get a flag! If you need a starting point see here

nc challs.studsec.nl 8120
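
A line-by-line client for this kind of service, as an added example that is not part of the original page or the challenge's files. It uses only the Python standard library instead of pwntools so that it runs offline against a constructed local peer. The question format `a op b = ?`, the sample data and all function names are assumptions. The server's text is untrusted input, so it is evaluated with an operator whitelist rather than eval().

```python
import ast
import operator
import socket

# Only these operators are accepted; any other syntax in the server's text is rejected.
_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul}

def safe_eval(expr: str) -> int:
    """Evaluate integer arithmetic without eval(): remote text is untrusted input."""
    def walk(node):
        if isinstance(node, ast.Expression):
            return walk(node.body)
        if isinstance(node, ast.Constant) and type(node.value) is int:
            return node.value
        if isinstance(node, ast.BinOp) and type(node.op) in _OPS:
            return _OPS[type(node.op)](walk(node.left), walk(node.right))
        if isinstance(node, ast.UnaryOp) and isinstance(node.op, ast.USub):
            return -walk(node.operand)
        raise ValueError(f"unsupported expression: {expr!r}")
    try:
        return walk(ast.parse(expr.strip(), mode="eval"))
    except SyntaxError as exc:
        raise ValueError(f"unsupported expression: {expr!r}") from exc

def answer(line: bytes) -> bytes:
    """Map one question line (assumed format b'12 * 7 = ?\\n') to the exact reply bytes."""
    expr, sep, _ = line.decode("ascii").partition("=")
    if not sep:
        raise ValueError(f"not a question: {line!r}")
    return str(safe_eval(expr)).encode("ascii") + b"\n"

def solve(stream, rounds: int) -> bytes:
    """Answer `rounds` questions line by line, then return the server's final line."""
    for _ in range(rounds):
        stream.write(answer(stream.readline()))
        stream.flush()  # send each answer immediately instead of leaving it buffered
    return stream.readline()

def demo():
    """Run solve() against a constructed local peer; no network access is needed."""
    server, client = socket.socketpair()
    server.sendall(b"1 + 2 = ?\n6 * 7 = ?\n10 - 13 = ?\nCTF{constructed_sample}\n")
    with client.makefile("rwb") as stream:
        final = solve(stream, 3)
    client.close()
    with server.makefile("rb") as peer:
        replies = peer.read()  # everything the solver sent, up to EOF
    server.close()
    return final, replies
```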


Forensics

Welcome to the world of forensics. If you love mystery novels you'll feel right at home in this field, where we try to uncover the actions of bad actors.

Can you find out what the attacker did on our server?

Download files

Stella Viator

Years ago, we sent the Stella Viator into space to explore nearby stars. Equipped with a satellite that would orbit unknown energy sources, the future for space exploration looked bright! Unfortunately it promptly malfunctioned and was presumed lost, but now, years later, we have started to pick up a faint signal. Despite its age, it might come in handy in defending us during this invasion!

From VU-CTF 2024

nc challs.studsec.nl 8105

