CSAW CTF 2013 – Qualification Round

Team HackoGram got #310 position worldwide with 1650 points and got #83 position in Undergraduate’s throughout. Also, was the 5th highest scoring Australian Team.

CSAW CTF challenges were divided into 7 categories with points from 50 to 500 depending on difficulty of challenge.


I’ll do writeups of all the challenges i was able to solve

TRIVIA (250 points)

TRIVIA-1: Drink all the brooze, ______ all the things!

A: hack

This was pretty easy, i think you should be able to solve this without google

TRIVIA-2: What is the abbreviation of the research published in the Hackin9 issue on nmap by Jon Oberheide, Nico Waisman, Matthieu Suiche, Chris Valasek, Yarochkin Fyodor, the Grugq, Jonathan Brossard & Mark Dowd?


I did a google search “Hackin9 on nmap by Jon Oberheide” and found link to article in pdf (Link). Then I found research “DARPA Inference Cheking Kludge Scanning”abbreviated as “DICKS”

TRIVIA-3: What is the common name for a single grouping of instructions used in a Return Oriented Programming payload, typically ending in a return (ret) instruction?

A: gadget

Did a google search on “single grouping Return Oriented Programming payload” and found this link (Link). Reading the article i found “gadget” is the answer.

TRIVIA-4: What is the new web technology that provides a web browser full-duplex communication to a web server over a single connection?

A: WebSocket

Did a google search on “Web browser full-duplex communication”, found this link (LINK)

TRIVIA-5: What is the x86 processor operating mode for running 64-bit code?

A: Long Mode

As i read question, Long Mode just came from my mouth. This was really simple.

RECON (400 points)

RECON-2: Julian Cohen

A: flag{1a8024a820bdc7b31b79a2d3a9ae7c02}

Did a google search for “Julian Cohen” and found his twitter account with Nickname/Username asHockeyInJune
Then i search again using HockeyInJune and found his Reddit page.

Julian has posted link to a website http://deathbycats.com
Did a who.is search and found this website is hosted on

Then i just accessed the IP directly and it gave me flag.

RECON-5: historypeats

A: key{whatDidtheF0xSay?}

Did a google search for “historypeats” and found his GitHub page. Then I checked for latest activities and it showed me removed comments from “putscan“.Then i clicked on removed comments and it gave me this page (link) and found key.

RECON-6: Brandon Edwards

A: key{a959962111ea3fed179eb044d5b80407}
Did a google search on “Brandon Edwards” gave me his twitter link with username “drraid”. Then did google search on “Drraid” and found his github contribution in sophsec code. Found  single commit.

Leave a Reply

Your email address will not be published. Required fields are marked *