Google CTF - Web 8 - Global CTF
Google CTF - Web 6 - Purple Wombats
Google CTF - Web 1 - Wallowing Wallabies - Part One
For anyone familiar with the Counter-Strike competitive scene, you know about ESEA. They just recently launched a bounty program that puts their website, game client, and game servers in scope for security research.
I spent a night taking a look over the website and found a few vulnerabilities. The most interesting discovery was a Server-Side Request Forgery vulnerability. Using a cool trick that Ben Sadeghipour (@NahamSec) showed me, I was able to pull private information from ESEA's AWS metadata.
In 2014 I discovered a vulnerability on Yahoo's Login Protection seal that allowed for CSS injection. This information was saved to the browser and IP, persisting across login sessions on that computer. The protection seal feature has since been removed from the login page, but the feature still exists in your account preferences.
- CTF: CSAW 2015
- Challenge: Weebdate
- Category: Web
- Points: 500
Since the Ashley Madison hack, a lot of high profile socialites have scrambled to find the hottest new dating sites. Unfortunately for us, that means they're taking more safety measures and only using secure websites. We have some suspicions that Donald Trump is using a new dating site called "weebdate" and also selling cocaine to fund his presidential campaign. We need you to get both his password and his 2 factor TOTP key so we can break into his profile and investigate. Flag is md5($totpkey.$password) http://18.104.22.168/
Original Post: http://potatohatsecurity.tumblr.com/post/126411303994/defcon-23-badge-challenge
Brett, Jon, and I teamed up with Council of 9 and won this years badge challenge after having great success in the DEFCON 22 Badge Challenge. Over the last year we have studied a huge number of cryptographic methods and ancient languages to prepare for this. We also released our own crypto-challenge website for the community to follow along and have fun challenging themselves. With our new knowledge and a great team in tow we headed out to DEFCON.
Here is the entire adventure as we experienced it with all of the puzzles, their solutions, and the steps to solve them. Understand that this document contains MASSIVE spoilers so if you do not want to ruin it for yourself please stop reading now.