NahamCon CTF 2022 – babyrev (Reverse Engineering)

Hi everyone! NahamCon CTF 2022 was held from 29/4-30/4. This babyrev challenge is on reversing the encoded flag to decode it. Let’s get started! Files provided babyrev You can download by reversed engineered IDA Freeware 7.7 database file for babyrev here. Overview We can see in the main(), it will prompt us for a username […]

DCTF 2022 – Codechainz Write-up

Hi everyone! This post is on DCTF 2022’s Codechainz which is a fairly easy pwn challenge. This challenge has a buffer overflow (BoF) vulnerability and requires us to jump to a space created by mmap() which is executable. However, there is a shellcode size limit due to the space available. Let’s get started! Files provided […]

BKSEC 2022 CTF Write-up (Pwn)

Hi everyone! This post is on BKSEC 2022 CTF which was held in early April this year. I only attempted the pwn category as I was feeling lazy to try out the others. The pwn challenges tested on arbitrary write via array out of bound (OOB), stack alignment on x64 programs, and bypassing integer inputs […]

CTF.SG CTF 2022 Write-up

Hi everyone! Today’s write-up is on CTF.SG 2022. It is a 24 hours CTF hosted over the weekend (12-13/3/2022) with many different categories such as Sanity, Web, Pwn, Cryptography, Reverse Engineering, and Misc. I did not have time to solve many challenges as I needed my sleep. This CTF definitely isn’t easy, especially for reverse […]

HackTheBox – Little Tommy Write-up

Hi everyone! Today’s post is on Little Tommy, a medium challenge on HackTheBox which was created on 27th September 2017. However, this challenge is actually quite easy and straightforward. The only difficult part is to identify the vulnerability which is Use-after-Free (UaF). Once you know it, obtaining the flag is very straightforward. Let’s get started! […]

HackTheBox – HackyBird Write-up

Dear readers, Today’s reading is on HackyBird, a game-based Reverse Engineering challenge. It was created on 19th December 2020. Let’s get started! Files given HackyBird.exe (32-bits) You may also download the IDA database where I renamed some of the functions during reverse engineering here. Tools required Cheat Engine IDA Pro (or any other WIndows supported […]