1. Main Page
2. Scoreboard
3. Profile
4. Chanllenges
(1) Crypto
crypto/garbled
My friend gave me a weird circuit to evaluate, but I forgot to ask her for the input. I know the circuit is supposed to return true, but everything's been garbled and I can't make heads or tails of it.
crypto/plagiarism
>>> Can I copy your CTF challenge?
>> Yeah, just change it up a bit so it doesn't look obvious you copied.
https://hxp.io/blog/1/RuCTF%20Quals%202014:%20Crypto%20500%20%22decrypt%20message%22%20writeup/
crypto/benaloh
No, it can't be. Who chose the nonces? I demand to know! I can't remember the last time... I saw an LCG.
crypto/signature sheep scheming signature schemes
The National Sheep Agency is pushing to standardize their own post-quantum digital signature. Something's not right...
nc dicec.tf 31614
crypto/newcrypt v2
0x1000
(2) Misc
misc/Survey
misc/Cuckoo's Nest
Enter here
misc/TI-1337 Plus CE
Texas Instruments just released the latest iteration of their best-selling TI-1337 series: the TI-1337 Plus Color Edition!
nc dicec.tf 31337
(3) Pwn
pwn/babyrop
"FizzBuzz101: Who wants to write a ret2libc"
nc dicec.tf 31924
pwn/flippidy
See if you can flip this program into a flag :D
nc dicec.tf 31904
pwn/hashbrown
Who doesn't like hashbrowns? I like them so much that I wrote a driver named after them! But apparently programming is hard and I might have made a mistake...
Please note that the following measures are active (whether they are important to the exploit process is up to you):
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB=y
CONFIG_FG_KASLR=y
Plain Text
복사
SMAP, SMEP, and KPTI are enabled as well.
nc dicec.tf 31691
Note: only one connection per IP is allowed, and there is a 10 minute wall-clock time limit from the moment you connect. Test locally!
pwn/sourceless rust wasm pwn
I hope you like sourceless rust wasm pwn!
Haha, just kidding, here's the source.
... what, did you think the other part was a joke too?
Run with wasmtime ./wasmpwn.wasm --dir ./
nc dicec.tf 31798
pwn/Sice Sice Baby
"The challenge author, poortho, is notorious for only writing glibc heap problems."
nc dicec.tf 31914
pwn/Adult CSP
CSP can stand for many things
Baby CSP was too hard for us, we're bad at real webs - try Adult CSP.
(4) Quantum
quantum/quantum 1
We've found some sort of advanced codebreaker machine, and some encrypted messages it was trying to break. Can you crack it first?
Hint: This circuit is implementing a famous quantum algorithm to factor the public modulus. This modulus should be stored in the classical memory before evaluating the circuit (and immediately copied via cnot to the quantum memory during circuit_initialization.qasm), but is not provided in the challenge. However, the modulus was used to derive many numbers which are used by subroutines in the quantum algorithm, and all of those numbers are hardcoded in the circuit.
Hint: modular exponentiation is just repeated conditional modular multiplication, and modular multiplication is just repeated conditional modular addition, and modular addition is just several regular additions.
quantum/quantum 2
Let's increase the difficulty. Same algorithm, new circuit.
In practice, quantum compilers and programmers make use of techniques which don't exist in classical reversible computing, even for seemingly classical subroutines. While this circuit has more gates than the quantum 1 circuit, it also requires much fewer qubits. In fact, the main computational step only uses 2n+3 qubits.
(5) Rev
rev/babymix
Just the right mix of characters will lead you to the flag :)
rev/dice-is-you
DICE IS YOU
Controls:
•
wasd/arrows: movement
•
space: advance a tick without moving
•
q: quit to main menu
•
r: restart current level
•
z: undo a move (only works for past 256 moves and super buggy)
Play: dice-is-you.dicec.tf
rev/Guess the Vuln
Sourceless web is the best! Luckily, we intercepted the server and a message the server was trying to transmit.
Flag only has lowercase letters and underscores within the curly braces.
You do not have to fuzz the challenge to solve it. Please don't fuzz it, I'm begging you.
rev/Lost in Your Eyes
Your eyes are like a maze, and I hate mazes, so help me escape.
nc dicec.tf 31578
rev/procedural
So uhh, shader nodes are pretty cool... (tested in Blender 2.91.0 but should work in other versions)
rev/lambda
(lambda _:_(_))((lambda _,__='': _(_,__+'oh no, ')))
(6) Web
web/Babier CSP
Baby CSP was too hard for us, try Babier CSP.
The admin will set a cookie secret equal to config.secret in index.js.
web/Missing Flavortext
Hmm, it looks like there's no flavortext here. Can you try and find it?
web/Web Utils
My friend made this dumb tool; can you try and steal his cookies? If you send me a link, I can pass it along.
web/Build a Panel
You can never have too many widgets and BAP organization is the future. If you experience any issues, send it here
web/Web IDE
Work on JavaScript projects directly in your browser! Make something cool? Send it here
web/Watermark as a Service
My new Watermark as a Service (WaaS) startup just started using the cloud. It's so cool!
web/Build a Better Panel
BAP wasn't secure enough. Now the admin is a bit smarter, see if you can still get the flag! If you experience any issues, send it here
NOTE: The admin will only visit sites that match the following regex ^https:\/\/build-a-better-panel\.dicec\.tf\/create\?[0-9a-z\-\=]+$