|
Andrea Biondo @ 36C3
@
anbiondo
|
|
Turning drinks into segfaults. MSc student in CS at @UniPadova. CTF player with @n0pwnintended and @mhackeroni.
|
|
|
104
Tweetovi
|
212
Pratim
|
950
Osobe koje vas prate
|
| Tweetovi |
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
Andrea Fioraldi
@andreafioraldi
|
30. pro |
|
#36c3 was a blast! Here with the @mhackeroni crew we are toasting in honor of these amazing 4 days.
Cheers to all old and new friends here, see u next year/defcon/somewhere! pic.twitter.com/WPb7S4wIrR
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
cts
@gf_256
|
16. pro |
|
the FORBIDDEN ctf tactics the pros DONT want you to know! pic.twitter.com/rB7OthYK3x
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
27. stu |
|
They did say "guessing flags" in the blog, and the retweet was talking about probabilities :) but yeah, fair enough.
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
27. stu |
|
(3) The "not found" response indicates that the fuel ID is not valid, i.e., it wasn't uploaded to the service. Everything points to a check request to NARF! (but not the previous upload request) being accidentally deflected to SIGFLAG.
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
27. stu |
|
(2) The checker sends random POST data with the flag somewhere in it, and checks that the just-uploaded fuel only returns the new flag. A flag regex on the checker POST data will find the flag, no need for guessing.
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
27. stu |
|
(1) It's not about the probability of guessing flags. The stuff after ? in the URL is the ID of a "fuel", i.e., a state machine uploaded by the checker that will match a specific flag in the POST data.
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
24. stu |
|
I understand (I've made this mistake in a challenge for our students), but I'd expect this kind of stuff from a low-level CTF, not RuCTF. Anyway, I guess mock teams?
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
24. stu |
|
Wow. With all due respect to the author, that's disappointing. I like working on the harder challs, so I spent 90% of the CTF on this. Would've been better to just avoid releasing the service if they didn't have a working exploit.
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
24. stu |
|
I'm still trying to understand how to exploit "engine" from yesterday's @RuCTFE. Found the stack overflow, but no leak (collected_pieces was spilled to the stack, so no retaddr LSB overwrite either). Reading short in check_fuel was throwing. github.com/HackerDom/ruct…
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
mhackeroni
@mhackeroni
|
17. lis |
|
3rd place in HITB PRO CTF! GG and thanks for the prize ;) @HITBSecConf #HITBCyberWeek #ProCTF pic.twitter.com/TpBiH3BvI9
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
12. lis |
|
Thanks for the battle! See you next year :)
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
CyberChallengeIT
@CyberChallengIT
|
11. lis |
|
2nd place for Team Italy 🇮🇹 @ #ECSC2019!!!! pic.twitter.com/6LSs4Mk4LZ
|
||
|
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
22. ruj |
|
So long since my last blog post... Here's my writeup for Dragon CTF Teaser 2019 "rms" (and "rms-fixed"), enjoy! @DragonSectorCTF abiondo.me/2019/09/22/dra…
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
Matthew Green
@matthew_d_green
|
15. kol |
|
New talk: we’re talking about device identifiers in Linux and Android that somehow also leak the kernel address in KASLR and thus allows a bypass and I’m just like: pic.twitter.com/h5cnPNiTnA
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
Stefan Nagy
@snagy2vt
|
14. kol |
|
An awesome thesis (@anbiondo's) on firmware #fuzzing: "Coverage-guided fuzzing of embedded
firmware with avatar". PDF download link: siagas.math.unipd.it/siagas/getTesi…
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
mhackeroni
@mhackeroni
|
13. kol |
|
After enough hours of sleep it's time to announce that we got the 5th place at @oooverflow #DEFCON CTF as the best European team! Congrats to PPP (@PlaidCTF) for collecting more black badges this year and hosting us at the after-party, you guys are awesome! 🚩 #DEFCON27 #CTF twitter.com/oooverflow/sta… pic.twitter.com/skDk4g8skj
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
spritzers
@n0pwnintended
|
13. kol |
|
We survived @defcon CTF with the fine chefs of @mhackeroni! 🍝 Crazy nice 5th place this year 🚩 amazing game, thanks @oooverflow & props to the champions @PlaidCTF pic.twitter.com/S3CztdttjO
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
mhackeroni
@mhackeroni
|
8. kol |
|
Getting ready for the game🚩 Tomorrow is the big day! pic.twitter.com/1N51l6ULH6
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
mhackeroni
@mhackeroni
|
4. kol |
|
It's due time to thank all the people that supported our crowdfunding campaign so far :) you can still help us at gofundme.com/f/send-mhacker… #mhackeroni #DEFCON #defcon27 pic.twitter.com/XOYpHVcCFD
|
||
|
|
||
| Andrea Biondo @ 36C3 proslijedio/la je tweet | ||
|
attacus
@attacus_au
|
29. srp |
|
my high school maths teacher always said we needed to memorise things because "you won't carry a calculator around with you in the real world"
well JOKE'S ON YOU MRS WALSH not only do I have a smartphone but my friend just emailed me this neat Word doc that opens a calculator
|
||
|
|
||