GreyCTF'23

Grey Cat The Flag CTF

Background:

Grey Cat The Flag CTF, or GreyCTF is hosted by NUS Greyhats in collaboration with National Cybersecurity R&D Labs. I joined this CTF as a team with my friends, Domi and Bowen. Altogether, we solved 6 challenges, placing us 57th place in the Singapore category and 147th place in the open category out of 454 teams.

Crypto

1. Baby Crypto

whuo{squi4h_sifx3h_v0h_co_i4b4T}

Pretty simple challenge, it is a cipher. Caesar cipher, to be exact. So I just used dcode.fr for this.

The flag was found! "grey{caes4r_csph3r_f0r_my_s4l4D}"

Misc

1. CrashPython

I didn't get the screenshot of the full page unfortunately, but the gist of it was that there was a placeholder to input python code to run to cause a crash (through segmentation fault), but the code had to fulfil the requirements of the blacklist. The blacklist included keywords that couldn't be used in the code.

Initially, I tested with a stack overflow error with infinite recursion as such:

def recursion():
    recursion()

recursion()

But it didn't work. My teammate then told me (Eureka moment...) that it didn't meet the requirements of a segmentation fault. I then looked around for solutions to cause a segmentation fault.

I ended up with this simple code:

import ctypes
def segfault():
    # Access an invalid memory location
    ctypes.string_at(0)

segfault()

And that worked!

PreviousMagnet User Summit CTF 2023 NextSEETF'23

Last updated 1 year ago