CSAW CTF 2017 Revisiting Auir
This is a short post to (hopefully) answer some of the questions that I have received about my exploit auir.py and talk about a few interesting things that I have found.
CSAW CTF 2017 Infrastructure Overview
We’ve had a few people ask us over the past couple of years how we deploy CTFd and our challenges to serve the more than 2000 teams we have in CSAW CTF Quals, so here’s a quick post explaining how we do it.
CSAW CTF 2016 Finals Problems repo release
A few weeks ago, we ran the annual CSAW CTF finals round. We’ve released the problems so that anyone can play the problems themselves at home.
CSAW CTF 2016 Problems repo release
Last weekend, we ran the annual CSAW CTF qualification round. After a wonderful competition, we’ve released all the problems (along with Dockerfiles for deployment) to the public.
CSAW CTF 2015 VM
Last year, we had many ctf teams from around the world compete in the annual CSAW CTF. This event is geared toward college undergradates, however it is open to anyone who wishes to play.
CSAW CTF 2015 - Weebdate
After creating an account on the site and logging in, we notice pretty quickly that trying to set our profile image URL to an invalid URL returns a python error
CSAW CTF 2015 - Transfer
After quickly looking through the .pcap, we find two things: a python source file, and a large b64 string (‘2Mk16Sk5iakYx…’)
CSAW CTF 2015 - Sharpturn
We’re given a .tar.xz which contains a partially corrupted git repo. Running
git log reveals 4 commits, which all primarily build out one main .c file: