Skip to content
An archive of low-level CTF challenges developed over the years
Branch: master
Clone or download
Latest commit 67b3564 Feb 20, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
CONFidence CTF 2014
CONFidence CTF 2015 Change headings Feb 20, 2019
CONFidence CTF 2016
CONFidence CTF 2017 Fix formatting Feb 20, 2019
Dragon CTF 2018 Add missing flags Feb 20, 2019
LICENSE
README.md Formatting fix Feb 20, 2019
logo.png Initial commit Feb 20, 2019

README.md

CTF Challenges

This repository contains an archive of CTF challenges I developed in the last few years for various CTFs organized by my team – Dragon Sector. They are mostly software exploitation tasks with varying difficulty levels, for the x86/x64 architectures and Windows/Linux operating systems. Each subdirectory contains basic task information, original description, solution in the form of a short summary or a few slides from the post-CTF presentation, exploit code and optionally links to external solutions.

The challenges are as follows:

Name Competition Category Platform Arch. Difficulty
Pipeline Dragon CTF 2018 Exploitation / Programming Linux x64 Easy/medium
Production Dragon CTF 2018 (Teaser) Exploitation Linux x64 Easy/medium
Filesystem CONFidence CTF 2017 Exploitation Linux x64 Medium
Fastcalc-hardened CONFidence CTF 2017 Exploitation Windows x86 Hard
Fastcalc CONFidence CTF 2017 (Teaser) Exploitation Windows x86 Hard
Entree CONFidence CTF 2016 Exploitation Windows x86 Medium
Antipasto CONFidence CTF 2016 Exploitation Linux x86 Easy
Bubblegum CONFidence CTF 2016 (Teaser) Exploitation Windows x86 Hard
Night Sky CONFidence CTF 2015 Exploitation Linux x64 Hard
Quarantine CONFidence CTF 2015 (Teaser) Exploitation Linux x64 Hard
Crypto Machine CONFidence CTF 2014 Exploitation Linux x64 Medium
Memory CONFidence CTF 2014 Reverse Engineering Windows x86 Easy
Multipurpose Calculation Machine CONFidence CTF 2014 (Teaser) Exploitation Linux x86 Medium

Running the tasks

For exploitation problems, if the program listens on a port by default, leave it running and connect to the port to interact with the task. If it reads and writes to/from stdin and stdout, you should bind it to a TCP port of your choice (e.g. with netcat or socat on Linux, and the enclosed AppJailLauncher.exe tool on Windows), and connect to it to exploit the vulnerabilities. The goal is to obtain the contents of the flag.txt (or similar) file in the task's current directory.

For reverse-engineering problems, the goal is to extract the flag from the provided executable file.

About Dragon Sector

Dragon Sector

Dragon Sector is a Polish security Capture The Flag team. It was created in February 2013 and currently has 17 active members. We frequently participate in both online and offline security Capture The Flag competitions, publish write-ups on CTF tasks, and sometimes even organize CTFs.

You can find us on CTFTime, our blog and Twitter.

Contact

Questions, comments? Let me know at j00ru.vx@gmail.com.

You can’t perform that action at this time.