CSAW CTF 2013 – Qualification Round

Team HackoGram got #310 position worldwide with 1650 points and got #83 position in Undergraduate’s throughout. Also, was the 5th highest scoring Australian Team.

CSAW CTF challenges were divided into 7 categories with points from 50 to 500 depending on difficulty of challenge.

csawctf

I’ll do writeups of all the challenges i was able to solve

TRIVIA (250 points)

TRIVIA-1: Drink all the brooze, ______ all the things!

A: hack

This was pretty easy, i think you should be able to solve this without google

TRIVIA-2: What is the abbreviation of the research published in the Hackin9 issue on nmap by Jon Oberheide, Nico Waisman, Matthieu Suiche, Chris Valasek, Yarochkin Fyodor, the Grugq, Jonathan Brossard & Mark Dowd?

A: DICKS

I did a google search “Hackin9 on nmap by Jon Oberheide” and found link to article in pdf (Link). Then I found research “DARPA Inference Cheking Kludge Scanning”abbreviated as “DICKS”

TRIVIA-3: What is the common name for a single grouping of instructions used in a Return Oriented Programming payload, typically ending in a return (ret) instruction?

A: gadget

Did a google search on “single grouping Return Oriented Programming payload” and found this link (Link). Reading the article i found “gadget” is the answer.

TRIVIA-4: What is the new web technology that provides a web browser full-duplex communication to a web server over a single connection?

A: WebSocket

Did a google search on “Web browser full-duplex communication”, found this link (LINK)

TRIVIA-5: What is the x86 processor operating mode for running 64-bit code?

A: Long Mode

As i read question, Long Mode just came from my mouth. This was really simple.

RECON (400 points)

RECON-2: Julian Cohen

A: flag{1a8024a820bdc7b31b79a2d3a9ae7c02}

Did a google search for “Julian Cohen” and found his twitter account with Nickname/Username asHockeyInJune
Then i search again using HockeyInJune and found his Reddit page.

Julian has posted link to a website http://deathbycats.com
Did a who.is search and found this website is hosted on 23.23.196.37

Then i just accessed the IP directly and it gave me flag.

RECON-5: historypeats

A: key{whatDidtheF0xSay?}

Did a google search for “historypeats” and found his GitHub page. Then I checked for latest activities and it showed me removed comments from “putscan“.Then i clicked on removed comments and it gave me this page (link) and found key.

RECON-6: Brandon Edwards

A: key{a959962111ea3fed179eb044d5b80407}
Did a google search on “Brandon Edwards” gave me his twitter link with username “drraid”. Then did google search on “Drraid” and found his github contribution in sophsec code. Found  single commit.
 _

Leave a Reply

Your email address will not be published. Required fields are marked *