Skip to content

Instantly share code, notes, and snippets.

View SalScotto's full-sized avatar

Salvatore Scotto di Perta SalScotto

View GitHub Profile
@SalScotto
SalScotto / writeup-ez-pwn-1.md
Created November 28, 2022 19:06
Writeup "EZ-PWN-1"

Code vulnerable to buffer overflow:

char command[16];
char way_too_small_input_buf[8];
//...
read(0, way_too_small_input_buf, 24);
//...
system(command);
@SalScotto
SalScotto / writeup-sqUARe-paymenT-terminal.md
Created November 28, 2022 19:03
Writeup "sqUARe-paymenT-terminal" - SquareCTF 22

Logic2 file (recognized by the UART in the name of the challenge and the .sal extension)

By opening it, we can see that most of the channels are unused, there's transmission only on channel 0.

Since we already know that is a UART communication, we can use Logic's Async Serial tool to read the content

We can try the most common Baud Rates to try and decode the serial content (9600, 14400, 19200, 38400, 57600, 115200)

Settings used

@SalScotto
SalScotto / writuep-all-web-sun22.md
Created November 22, 2022 23:10
Writeup all-web challenges - SunshineCTF 2022

Transparency

50 points

This one is simple! Just look where you might look at the cryptographic history of the sunshinectf.org domain! There's a Yeti in one and a Nimbus in another!

Here, we're asked to chech the cryptographic history of the challenge domain. Since we're talking about a website, it can only mean to check the history of its security certificates!

We can see it by visiting crt.sh. This is an OSINT Tool aimed to gather info on certificates emitted to the certificate transparency logs,

@SalScotto
SalScotto / writeup-secure_vault.md
Created May 10, 2022 18:28
Writeup Secure Vault - Angstrom CTF 2022

Number Game

Introduction

challenge description

Challenge

Going to the homepage link in the description, we can see a page with a login/register form.

home

@SalScotto
SalScotto / writeup-number_game.md
Last active May 10, 2022 18:30
Writeup "Number Game" - Angstrom CTF 2022

Number Game

Introduction

Introduction

Solution

Let's start by downloading the attached file. Trying to run it, we see that it asks us to guess a number:

First_Run