HKCERT CTF 2023 Writeup

CTFTime event link: https://ctftime.org/event/2122

Writeups

• pwn:
  1. MongoJail
• reverse:
  1. Gacha Simulator
  2. ISA Intrusion
• web:
  1. Baby XSS again
  2. Re:Zero
  3. Fake/Ground Offer
  4. Secret Notebook
• forensics:
  1. Yes, I Know I Know
• misc:
  1. ST Code (I)
  2. Psychic AI

Background

• Starts: 04 November 2023, 18:00 UTC
• Ends: 05 November 2023, 18:00 UTC

This is the 4th year we organise this CTF competition. The objective is to arouse the cyber security skills and awareness of the industry and students. And encourage participants’ problem solving with teamwork, creative thinking and cyber security skills via a fun game.

Categories:

• crypto
• pwn
• reverse
• web
• forensics
• misc

Overview

• Solves: 12/46
• Score: 2020
• Global Rank: 54/312
• Academic Rank: 17/73
• Overall Difficulty To Me: ★★★★★★☆☆☆☆

What I’ve learned in this CTF

• pwn:
  1. MongoDB shell jail escape & filter bypass (MongoJail)
• reverse:
  1. Removing VBA project password & reverse engineering PowerPoint VBA code (Gacha Simulator)
  2. Dynamic reverse engineering a custom assembly language (ISA Intrusion)
• web:
  1. Exploiting reflected XSS & CSP bypass using Pastebin (Baby XSS again)
  2. Modifying local storage data (Re:Zero)
  3. Exploiting flawed gacha system (Fake/Ground Offer)
  4. Exploiting conditional time-based SQL injection & filter bypass (Secret Notebook)
• forensics:
  1. Packet inspection & decrypting encrypted RC4 message from DNSExfiltrator (Yes, I Know I Know)
• misc:
  1. Decoding binary inside a SVG file (steganography) (ST Code (I))
  2. ChatGPT prompt injection (Psychic AI)