HKCERT CTF 2022 Writeups
CTFtime event link: https://ctftime.org/event/1722/
Writeups
- Web:
- Forensics:
- Misc:
- Crypto:
Background
- Starts: 11 November 2022, 6:00PM HKT
- Ends: 13 November 2022, 6:00PM HKT
Overview
- Solved: 7 (Not Including 10 Point Challenges)
- Points: 699
- Tertiary Rank: 25/73, Overall Rank: 82/309
- Overall Difficulty To Me: The Hardest CTF I’ve Ever Experienced
What I’ve learned in this CTF
- Web:
- Insecurely Storing Files (Back to the Past)
- Local File Inclusion (LFI) (Spyce)
- Nginx Off-By-Slash Vulnerability (Secured Web Service)
- Exploiting Server-Side Include Vulnerability (CVE 1999)
- ??? (protoTYPE:v2 - sanityXSS) (Unsolved)
- Forensics:
- Disk Forensics & Recovering Corrupted Image (SD Card)
- Misc:
- Leaking Sensitive Information via Bad Operation Security (Physical Security) (Zoonn Recording)
- Crypto:
- Cut-and-Paste Attack in AES ECB Mode (Catch-22)