0x0a Advent of CTF

The first meetup of the new year was also a very busy one. Almost 90 people RSVP’d to the event. The event is still being hosted on discord, with presentations (and anything requiring screen sharing) through YouTube, as discord can not handle such a significant load.

Advent of CTF

As most of the members of the meetup also participated in the Advent of CTF it was a much requested topic for this month’s meetup.

I gave a presentation (YouTube) about the work that went into the event for its preparation, how challenges were selected and, the most requested, how the infrastructure was setup. Most people had run into the rate limiter more then once, so all was revealed in order to satisfy curious minds!

All the challenges are now also available on Github.

I have already commited to organizing a new event in 2021, so that will be something to look forward to!

Show me the exploit!

After the presentation some people were hacking on our dedicated environment, but others started up some discussion in our voice chat. The topic; writing exploits. Mohammed started off with showing his single script that would solve all 24 challenges of the Advent of CTF under 1 minute!

That resulted in a very interesting discussion about SQL injection techniques and how to most efficiently solve a particular challenge.

After all the web application talk several binary exploitation exploits were also shown and explained. It was very geeky and lots of fun!