My friend told me there's a secret page on this forum, but it's only for administrators.
The flag is located in
./flag.txt
.
I found this interesting binary from my temp files, I wonder what it does.
We've forgotten the password to our payroll machine. Can you extract it?
A small PHP script with
eval()
... What can go wrong?
To access the internet I setup a personal socks proxy using open-source software, and a tunnel with strong password is used to make it secure.
Here is my proxy config file and a network traffic captured when uploading my secret file to personal storage center. I do not believe anyone
Steal admin's cookie!
We have written a pretty useful library website where you can find all our books.
Subscribe to our newsletter!
NetCorpAnother telecom provider. Hope these guys prepared well enough for the network load...
Try to guess all encrypted bits and get your reward!
Script kiddie. One of my students felt like a cool ransomware hacker. This is just as funny as stupid, for we have all the traffic been written...
I have Noname; I am but two days old.
Dissolved... Image... What does that even mean?!
Flag is in the format: two_six{.*}
We've spun up an old websocket arbitrary precision calculator from 2014 just bc we can, obviously. We made a client for you. Give it a whirl!
We've set up a chroot for you to develop your musl code in. It's bare, so install whatever you need.The password is ... Feel free to log in with:
socat -,raw,echo=0 tcp:challenges.tamuctf.com:4353
Reverse this binary to determine the input number required to read the flag on the remote server.
I turned on a small CUPS server we found in the back for saving PDFs that we make locally. Didn't have SSH or anything, though, but thankfully it had socat.
I know you can't build on your machine -- it's so dumb that IT won't install JDK12 for one of our developers.
Go ahead and fire over a tarfile with the contents of src/main in it on our typical netcat port, I'll compile the test jar so you can run
no description
Our monitoring systems noticed some funny-looking DNS traffic on one of our computers. We have the network logs from around the time of the incident. Want to take a look?
We found this reference file for a program contained by a remote server, but we have no idea what it is. All we know is that whenever we connect there's a password prompt. Can you figure out what that password is?
We must train the next generation of hackers.
Echo as a service (EaaS) is going to be the newest hot startup! We've tapped a big market: Developers who really like SaaS.
nc challenges.tamuctf.com 4251
Try testing out this new credit system that I just created!Hint: Credit generation is rate limited. It is literally impossible to generate 2,000,000,000 credits within the CTF timeframe. Don't be that guy.
We've recovered this disk image but it seems to be damaged. Can you recover any useful information from it?
nc challenges.tamuctf.com 3424
Welcome to pwnland!
nc challenges.tamuctf.com 4252
Eliot Ness is the lead on taking down Al Capone. He has gained access to Capone's personal computer but being the good detective he is, he got the disk image of the computer rather than look through the actual computer. Can you help Ness out and find any information to
Lorelei, a nuclear engineer, is practicing how to create folders to organize her notes. She works closely withPOTUS to secure our nuclear missiles. In order for her to send the nuclear codes to the correct authorities, she needsto zip all the files and make the data hard to find. Your
Even if you could get the first flag, I bet you can't pop a shell!
Crack this.
e3f8e5110e29e6fde31a0861f0a4dd13530db5ffdd17113be6c2dd1c022f
You've heard of discrete log...now get ready for the discrete superlog.
My furrier friend tried to send me a morse code message about some new furs, but he was using anoisy connection. I think he repeated it a few times but I still can't tell what hesaid, could you figure out what he was trying to tell me? Here's the code
RSA is kinda bad but I strengthened it with the unbreakable one time pad!
Clam's tired of people hacking his sites so he spammed obfuscation on his new game. I have a feelingthat behind that wall of obfuscated javascript there's still a vulnerable site though.Can you get enough points to get the flag? I also found the backend source.
I developed a new video streaming service just for hackers. Learn all about viruses,IP addresses, and more on LeetTube! Here's the source code and the Dockerfile.Note: the server is also running behind NGINX.
My friend sent my yet another mysterious recording... He told me he was inspiredby PicoCTF 2019 and made his own transmissions. I've looked at it, and it seemsto be really compact and efficient. Only 31 bps!!
Ask and you shall receive...that is as long as you use the magic word.
Clam thinks he's really cool and compiled a database of "criminal records" with a site to top it all off. I've dropped the tables once before but this time he took some extra security measures and I think he even hid a flag in there. Can you get
My super secure service is available now!Heck, even with the source, I bet you won't figure it out.
One year since defund's descent. One crypt. One void to fill. Clam must do it, and so must you.
I made a stream cipher!
A tear rolled down her face like a tractor. “David,” she said tearfully, “I don’t want to be a farmer no more.” Can you call the flag function in this program (source)?
Agriculture is the most healthful, most useful and most noble employment of man. Can you callthe flag function in this program (source)?
RSA strikes again!
How to make hiding stuff a e s t h e t i c? And can you make it normal again?
You remember when I said I dropped clam's tables? Well that was on Xmas day. And because I ruined his Xmas, he created the Anti Xmas Warriors to try to ruin everybody's Xmas. Despite his best efforts, Xmas Still Stands. But, he did manage to get a flag
Page 1 / 5 »