HackDig : Dig high-quality web security articles for hackers

BSidesSF CTF: Hard reversing challenge: Chameleon

For my third and final blog post about the BSidesSF CTF, I wanted to cover the solution to Chameleon. Chameleon is loosely based on a KringleCon challenge I wrote (video guide), which is loosely based on a real-world penetration test from a long time ago. Except that Chameleon is much, much harder than either. Chameleon (source), at its core, is a file encr
Publish At:2020-02-26 15:35 | Read:605 | Comments:0 | Tags:Conferences Crypto CTFs Reverse Engineering

BSidesSF CTF: Difficult reverse engineering challenge: Gman

Once again, it was my distinct privilege to be a BSidesSF CTF organizer! As somebody who played CTFs for years, it really means a lot to me to organize one, and watch folks struggle through our challenges. And more importantly, each person that comes up to us and either thanks us or tells us they learned something is a huge bonus! But this week, I want to po
Publish At:2020-02-26 14:05 | Read:394 | Comments:0 | Tags:Conferences CTFs

BSidesSF CTF: Easy to hard Rust reversing challenges

As mentioned in a previous post, I was honoured to once again help run BSidesSF CTF! This is going to be a quick writeup for three challenges: config-me, rusty1, and rusty2. All three are reversing challenges written in Rust, although the actual amount of reversing required is low for the first two. config-me config-me (source) was actually modeled after tw
Publish At:2020-02-26 14:05 | Read:567 | Comments:0 | Tags:Conferences CTFs Reverse Engineering

BSidesSF CTF author writeup: genius

Hey all, This is going to be an author's writeup of the BSidesSF 2019 CTF challenge: genius! genius is probably my favourite challenge from the year, and I'm thrilled that it was solved by 6 teams! It was inspired by a few other challenges I wrote in the past, including Nibbler. You can grab the sourcecode, solution, and everything needed to run it yourself
Publish At:2019-09-19 17:55 | Read:1308 | Comments:0 | Tags:Conferences CTFs Hacking Reverse Engineering

Solving b-64-b-tuff: writing base64 and alphanumeric shellcode

Hey everybody, A couple months ago, we ran BSides San Francisco CTF. It was fun, and I posted blogs about it at the time, but I wanted to do a late writeup for the level b-64-b-tuff. The challenge was to write base64-compatible shellcode. There's an easy solution - using an alphanumeric encoder - but what's the fun in that? (also, I didn't think of it :) ).
Publish At:2017-06-14 04:50 | Read:3951 | Comments:0 | Tags:CTFs Hacking

BSidesSF CTF wrap-up

Welcome! While this is technically a CTF writeup, like I frequently do, this one is going to be a bit backwards: this is for a CTF I ran, instead of one I played! I've gotta say, it's been a little while since I played in a CTF, but I had a really good time running the BSidesSF CTF! I just wanted to thank the other organizers - in alphabetical order - @bmenr
Publish At:2017-02-23 00:15 | Read:5179 | Comments:0 | Tags:Conferences CTFs


Share high-quality web security related articles with you:)