picoCTF 2023 Writeups

Event link: https://play.picoctf.org/events/72

Writeups

• Web Exploitation:
  1. findme
  2. MatchTheRegex
  3. SOAP
  4. More SQLi
  5. Java Code Analysis!?!
  6. msfroggenerator2 (Unsolved)
• General Skills:
  1. Permissions
  2. useless
  3. Special
  4. Specialer
• Binary Exploitation:
  1. hijacking
  2. tic-tac
• Reverse Engineering:
  1. Ready Gladiator 1
  2. Ready Gladiator 2

Background

• Starts: March 14, 2023 12:00 PM EST
• Ends: March 28, 2023 3:00 PM EST

picoCTF 2023 is open to anyone, with prizes available to eligible middle school, high school, and university student teams.

Categories:

• Web Exploitation
• Cryptography
• Reverse Engineering
• Forensics
• General Skills
• Binary Exploitation

Overview

• Team: The Stealthy Flaggers (From JHDiscord)
• Team Member: oldsch00l125, siunam, DaHeed, S4ur0nXD, Vito_Corleone
• Team Solved: 32/74
• Individual Solved: 13/74
• Individual Score: 2700/9300
• Team Score: 4900/9300
• Rank: 399/6924
• Overall Difficulty To Me: ★★★★★★★★☆☆

What I’ve learned in this CTF

• Web Exploitation:
  1. Proxying HTTP Traffics (findme)
  2. Matching Regular Expression Pattern (MatchTheRegex)
  3. XXE Injection (SOAP)
  4. Authentication Bypass Via SQL Injection & Union-Based SQLite SQL Injection (More SQLi)
  5. Privilege Escalation Via Weak JWT Secret (Java Code Analysis!?!)
  6. msfroggenerator2 (Unsolved)
• General Skills:
  1. Vertical Privilege Escalation Via vi SUID Binary (Permissions)
  2. Reading The Manual Page Via man (useless)
  3. Bash Jail Escape (Special)
  4. RBash Escape (Specialer)
• Binary Exploitation:
  1. Vertical Privilege Escalation Via Python Library Hijacking (hijacking)
  2. File Path Race Condition (tic-tac)
• Reverse Engineering:
  1. Winning CoreWars “Imp” (Ready Gladiator 1)
  2. Winning CoreWars “Imp” (Ready Gladiator 2)