Juniors CTF 2016 - Web500 Crypto-shop Write Up

Published on Sunday, 27 November 2016 in CTF, Security ; tagged with juniors, ctf, write-up, web, 500, challenge, rsa, cookie ; text version

I played the Juniors CTF 2016 this weekend with some friends of mine and it was quite fun! Since we missed the registration deadline, I sneakily joined the Securimag team and played with them.

Crypto-shop challenge

Among the different web challenges that we solved, @xarkes and I thought that Crypto-shop was one of the most interesting challs from the web category.

Continue reading

D-CTF Qualifiers 2016 - Web300 like a dipsh*t

Published on Tuesday, 27 September 2016 in CTF, Security ; tagged with quals, dctf, ctf, write-up, web, 300, challenge, security, pupute ; text version

First of all, wow it's been a while and a lot of things happened since last time I wrote something on my little spot of the Internet...

Last weekend I played the D-CTF Qualifiers 2016 with some friends of mine (@xarkes, jfrankowski and a new friend of mine). I was told that it is not a good CTF due to multiple problems in previous version with the challenges, where for instance some exploit challenge would not be solvable at all. And apparently it was the same this year (see the comments) and it was frustrating at some point...

However, it didn't stop us from having quite a blast. One in particular, the Super Secure Company LLC web challenge, worth 300 points. We used our best tool in French history, called puputerie, or how to gain 300 points like a dipsh*t!

If you're interested, keep reading and I hope you'll forgive me.

Continue reading

AppSec EU 2015 Lightning Talk

Published on Saturday, 23 May 2015 in Blog ; tagged with blog, security, owtf, development, python, architecture, ligthning, talk, appsec, project, summit ; text version

AppSec EU 2015

I just came back from my trip to Amsterdam where I gave a lightning talk about OWTF for the AppSec EU 2015 :)
I also went there for the OWASP Project Summit where I met some of the other OWTF developers and my dear friend Abe, finally!

Continue reading

Quals NdH 2015 Clark Kent - re150

Published on Monday, 06 April 2015 in CTF, Security, Reverse Engineering ; tagged with quals, nuit du hack, ctf, write-up, re, 100, challenge, security, hackgyver ; text version

Last week-end I participated to the qualifications of NdH with HackGyver (scoreboard). We gathered at the hackerspace's local with futex, kiwhacks and pastrep (a new member met at the SecuRT 2015). We finished 32 over more than 200 teams that validated at least one challenge. It is not that bad, knowing that some of our key comrades where not available this Saturday.

Clark Kent Reboot

I had to do some stuff that I never did before and it was really fun. That is why I wanted to do the write-up of the Clark Kent reverse engineering challenge.

Continue reading

Quals NdH 2015 faceBox - web100

Published on Monday, 06 April 2015 in CTF, Security ; tagged with quals, nuit du hack, ctf, write-up, web, 100, challenge, security, hackgyver ; text version

Last week-end I participated to the qualifications of NdH with HackGyver (scoreboard). We gathered at the hackerspace's local with futex, kiwhacks and pastrep (a new member met at the SecuRT 2015). We finished 32 over more than 200 teams that validated at least one challenge. It is not that bad, knowing that some of our key comrades where not available this Saturday.

Meme 500 Internal Errors Everywhere

I thought that I could write something about their faceBox web challenge.

Continue reading

contactdepier.re License WTFPL2