Tag: Writeup

Fun with sine waves: DEF CON 2025 quals echoid writeup

11 minute read – posted on April 13, 2025 by Zack Orndorff

Overview

I had a great time playing quals this year with Shellphish. I usually try to write full-length stories for my writeups (see my blog archives for a few), but this one will be a bit less complete for time reasons.

Challenge description

Are you hearing what I’m hearing?

HOST: echoid-7xf5f2sbdofl6.shellweplayaga.me

PORT: 1337

Files:

$ nc echoid-7xf5f2sbdofl6.shellweplayaga.me 1337
Ticket please: ticket{redacted}
Send us your song to be identified
asdf
ERROR: Invalid input size: 1717859169

Source from the organizers: https://github.com/Nautilus-Institute/quals-2025/tree/main/echoid

Continue reading →

Categories: Ctf Security

Tags: Ctf Defcon Dsp Writeup

Blazin' Etudes - Hack A Sat 3 Quals (2022) - Writeup

17 minute read – posted on August 6, 2022 by Zack Orndorff

This year was Samurai’s third time playing Hack A Sat’s (HAS) quals round. The first time we played, we qualified for finals. Year 2, we didn’t qualify. So this year we were hoping to qualify again. I personally wasn’t super involved in the first year, and only a bit involved last year (I don’t think the weekends lined up super great for me), but I was interested to take a shot at it this year and hopefully qualify! Blazin’ Etudes was the third of a series of microblaze reversing challenges, released on the last day of the competition (Sunday).

Continue reading →

Categories: Ctf Security

Tags: Binary Ninja Code Ctf Hackasat Microblaze Writeup

Reversing and exploiting a program running in an undocumented VM

16 minute read – posted on May 3, 2021 by Zack Orndorff

This weekend, Samurai played the DEF CON CTF Qualifier event. We had a great time playing; much thanks to the organizers for putting on a great event! Many thanks to my teammates, it was awesome playing with you all! One of the challenges this weekend was called baby-a-fallen-lap-ray. It was categorized as a pwn challenge, and it made a comment about being ‘the return of the parallel machine (or is it?)’.

Continue reading →

Categories: Ctf

Tags: Binary Ninja Ctf Defcon Writeup

CSAW CTF Finals 2018 - Wic Wac Woe 1 writeup

9 minute read – posted on November 13, 2018 by Zack Orndorff

I had the opportunity to compete in the CSAW CTF Finals 2018 for a second year in a row, with the UMBC Cyber Dawgs. It was a lot of fun, despite our somewhat lackluster finish in 10th place. I learned a lot. For instance, in this challenge, I learned how to exploit a Use-After-Free vulnerability (in WebAssembly no doubt!).

Continue reading →

Categories: Ctf Security

Tags: Csaw Ctf Writeup

CSAW CTF Finals 2017 - KWS 1 Writeup

4 minute read – posted on November 15, 2017 by Zack Orndorff

I recently had the opportunity to compete in the CSAW CTF Finals with the UMBC Cyber Dawgs. It was an amazing competition; the organizers were awesome and did a great job. We placed 7th in North America, by the way :) If you’ve never heard of CSAW before, it’s a huge student-run security conference/competition. We played in the CTF, or capture-the-flag competition. I would consider one of the best undergraduate-level CTF competitions. CSAW CTF is a jeopardy style competition in which you have a board of challenges, and you get points for solving them. You solve the challenge by hacking at it until it gives you a flag of the form flag{th1s_i5_a_f1@g}, which you enter into the scoreboard to receive points. Team with the most points wins.

Continue reading →

Categories: Ctf Security

Tags: Csaw Ctf Writeup