From 92fbe6dfa8da4c36a616bd42615f21d131e27dc9 Mon Sep 17 00:00:00 2001 From: Hannes Hauer Date: Sun, 19 Jan 2020 16:17:37 +0000 Subject: [PATCH] Fix Seccon19 formatting --- writeups/hah/seccon19.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/writeups/hah/seccon19.md b/writeups/hah/seccon19.md index 9c8eee5..cedcd2e 100644 --- a/writeups/hah/seccon19.md +++ b/writeups/hah/seccon19.md @@ -79,6 +79,7 @@ The download prompt contained another printf-vulnerability, and exploring it fur * Category: Crypto * 345 points * Time spent: ~3 hours + ZPKay was a crypto challenge consisting of a website that offered registered users to send custom currency to other users by use of generated QR codes. After registration each user was given 500 units of the currency, and 1 million was required to reveal the flag. Registering multiple accounts and pooling the currency was possible but would have taken too long; the intended path seemed to be to fake a QR code that allowed for withdrawal of high enough amounts from the admin account that sent the initial batch to each new user. Generating a couple of QR codes revealed that they encoded the username, the amount to be transferred, a proof and an hash: @@ -185,4 +186,5 @@ The javascript of the page showed that other than the amount and the user passwo * Category: Misc * 279 points * Time spent: ~1 hour -Sandstorm was a forensics challenge consisting of a grainy black-and-white-picture that contained some short text. Thinking the monochromatic pixels might encode a binary message I tried finding some relevant data using [zsteg](https://github.com/zed-0xff/zsteg) and stegsolve, but nothing interesting turned up. As it [turns out](https://github.com/10secTW/ctf-writeup/tree/master/2019/SECCON%20CTF%20quals/Sandstorm) I was on the wrong track and the image hid a QR code of the flag. \ No newline at end of file + +Sandstorm was a forensics challenge consisting of a grainy black-and-white-picture that contained some short text. Thinking the monochromatic pixels might encode a binary message I tried finding some relevant data using [zsteg](https://github.com/zed-0xff/zsteg) and stegsolve, but nothing interesting turned up. As it [turns out](https://github.com/10secTW/ctf-writeup/tree/master/2019/SECCON%20CTF%20quals/Sandstorm) I was on the wrong track and the image hid a QR code of the flag. -- 2.43.0