Fact Of The Day
DefCon isn't actually cancelled; and no, there is no Black Badge raffle.
DefCon isn't actually cancelled; and no, there is no Black Badge raffle.
So, you're playing a CTF and you decide to try the pwn category for the first time. You're given a file with a weird or no extension, and a string that looks something like nc mydoma.in 12345. You figure out what NetCat is and you connect to the server, which asks you for some input and kicks you out no matter what you enter. You've never seen a challenge like this before.
He did it! He said the line!
Just this past weekend, Pacific Hackers Association and HackMiami joined forces to compete in the DEFCON CTF Qualifiers. The top 12 teams from this CTF go on to play the most competitive and challenging CTF in the world at DEFCON 31. Though, to be fair, our team wasn't of that caliber. We were able to solve 2 challenges (not counting the sanity checks) and finished in 92nd place, which is a great success by my standards! I was able to solve this one with the help of my friend Sam. It's a reverse engineering challenge, but with Python code instead of x86 assembly, which makes things much nicer.
This server is basically a simulation of the IND-CCA2 game testing a custom cryptographic system. The game is described in detail here https://en.wikipedia.org/wiki/Ciphertext_indistinguishability.