Digging into the anatomy of Pokemon Yellow glitches, or how to impress your school friends during break time.

After reading a great blog post about a CTF challenge where you had to chain several SSRF to get the flag, I took some time to improve SSRFmap, fix the bugs and merge the Pull Requests. Then I implemented a new module called axfr to trigger a DNS zone transfer from the SSRF using the gopher protocol. This blog post is about my journey on implementing it.

TLDR: It’s never too late to try to solve an old challenge. This blog post is a quick writeup of a challenge from the Ph0wn CTF 2019 where you were given a small chip and you had to extract the flag from it.

Recently I had the pleasure to give a rump during the “Drink Love Share” meet organized by TheLaluka. This blog post will delve deeper into the topic.

This rump told the tale of a little Dino starting in the red team industries.

TLDR: Use nim-strenc, or read below to discover how to write your own Nim macro.

Lately I discovered the repository Yardanico/nim-strenc, you can use it very easily in your Nim code by importing strenc.
Let’s try it on this simple example. First you need to install the package using this command: nimble install strenc

• Challenge author: ajani
• Category: web, physical

The challenge started with the following Post Card

FCSC - FRANCE CYBERSECURITY CHALLENGE 2020

Some writeups of severals web challenges from the FCSC 2020.

Challenges’ Writeup

• WEB - EnterTheDungeon
• WEB - Rainbow Pages
• WEB - Rainbow Pages v2
• WEB - Revision
• WEB - Bestiary
• WEB - Lipogramme
• WEB - Flag Checker
• Forensic - Petite frappe 2
• Intro - Babel
• Intro - SuSHi
• Intro - Tarte Tatin
• Intro - Sbox
• Intro - Le Rat Conteur

Who ever wanted to learn about Hardware Hacking ? I found this small opensource IoT hacking learning board while I was in a security event. It is designed by @vulcainreo and cost around 45€, more than 300 units were shipped around the world.

Let’s dig into this awesome project and clone the git : https://github.com/Vulcainreo/DVID.git !

Challenges’ Writeup

• Hardware - findTheDatasheet
• Firmware - Default Password
• Firmware - Hardcoded Password
• Bluetooth - Advertising

Another week another CTF, this time it was the Ph0wn at Sophia Antipolis (France). I teamed up with members from @Maki, @iansus, @MansourCyril and @0hax. We reached the second place of this IoT/Hardware CTF.

Writeups’ challenges

• Rookie - Sunny day
• Hardware - Ant-Maker
• Misc - Compromised Sensor
• Misc - Domotics
• Crypto - Shamir Quest

Last week-end I teamed up with members from Aperikube for an Attack/Defense CTF which took place in Brest - France. In this “small” blog post I will write about this experience, the challenges and our methodology :)

Last wednesday I was in the Hack In Paris event for the 3rd time. As always there were some great conferences and challenges, and a new competition called “Hacker Jeopardy” which was very fun! During the Wargame I focused my time on Web challenges based on the graphql technology which was new to me, you will find below my writeups for the Meet Your Doctor challenges.

Let’s talk about the “MD Auth” challenge, I admit I started with this challenge thinking it would be about “Markdown”. I was wrong but it was nonetheless interesting to solve.

Last night I stumbled across an XSS in a bug bounty program, this was quite fun to exploit.

What is it ? The WHID Injector is USB Key which act as a remote keyboard. Basically it sets up a Wifi Access Point where you can connect and send whatever you want on the machine. It also has a Rubber Ducky payload converter, an exfiltrated data tab and many more.

What can I do ? Everything you could do with a keyboard plugged into a computer, for example : using WHID Toolkit you can spawn a reverse-shell :D

Where to buy a WHID Injector ? I got mine from Aliexpress, it’s also available on ebay around 15+ $ ;)

Last year the first day of my internship I was given a computer and asked to install and secure it for two days. After that delay anyone can try to attack and compromise my machine, and if so I was welcome to buy some “French Croissants” to the team while the attacker explain his method to get access into your computer the next morning. There are some techniques you need to be aware of when you’re securing your machine, the list below is not exhaustive.

Challenges’s Writeup - Online Prequals

• Web 50 - Hall of Fame
• Web 100 - Pass Through
• Web 150 - GoldFish
• Web 175 - Magic Car