Skip to content

Latest commit

 

History

History
564 lines (469 loc) · 14.7 KB

README.md

File metadata and controls

564 lines (469 loc) · 14.7 KB

Balsn CTF 2019

The champions will pre-qualify directly for HITCON CTF Finals in December (Onsite in Taipei, Taiwan).

  • Date: 10/5 10:00 a.m. (UTC+8) ~ 10/7 10:00 a.m. (UTC+8)
  • Format: Online Jeopardy
  • CTFtime link
  • Prize (the prize will be proceeded in BTC or ETH)
    • 1st place: $25,000 TWD + pre-qualify for HITCON CTF Finals
    • 2nd place: $15,000 TWD
    • 3rd place: $10,000 TWD
    • Balsn CTF Taiwan Star (1st domestic team): $ 10,000 TWD

Results:

Challenges

Misc

SecureCheck

  • Points: 330
  • Solved: 31
  • Description:
    No system call no pain
    `nc securecheck.balsnctf.com 54321`
    
  • Author: Billy
  • Link:

pyshv1

  • Points: 572
  • Solved: 13
  • Description:
    Continuous delivery is awesome.
    We deploy our code to production whenever we can.
    No code, no vulnerability.
    Everything works great.
    
    `nc pysh1.balsnctf.com 5421`
    
    Decrypt v2/v3 with flag from previous level using following command:
    `openssl enc -d -aes-256-cbc -salt -pbkdf2 -in task.tar.gz.enc -out task.tar.gz`
    
    Python version: python 3.6
    
  • Author: sasdf
  • Link: https://sasdf.cf/ctf/tasks/2019/BalsnCTF/misc/pyshv1/

pyshv2

  • Points: 857
  • Solved: 5
  • Description:
    Continuous delivery is awesome.
    We deploy our code to production whenever we can.
    No code, no vulnerability.
    Everything works great.
    
    `nc pysh2.balsnctf.com 5422`
    
    Decrypt v2/v3 with flag from previous level using following command:
    
    `openssl enc -d -aes-256-cbc -salt -pbkdf2 -in task.tar.gz.enc -out task.tar.gz`
    
    Python version: python 3.6
    
  • Author: sasdf
  • Link: https://sasdf.cf/ctf/tasks/2019/BalsnCTF/misc/pyshv2/

pyshv3

  • Points: 906
  • Solved: 4
  • Description:
    Continuous delivery is awesome.
    We deploy our code to production whenever we can.
    No code, no vulnerability.
    Everything works great.
    
    `nc pysh3.balsnctf.com 5423`
    
    Decrypt v2/v3 with flag from previous level using following command:
    
    `openssl enc -d -aes-256-cbc -salt -pbkdf2 -in task.tar.gz.enc -out task.tar.gz`
    
    Python version: python 3.6
    
  • Author: sasdf
  • Link: https://sasdf.cf/ctf/tasks/2019/BalsnCTF/misc/pyshv3/

JPcode

john

  • Points: 1000
  • Solved: 1
  • Description:
    
    text is unacceptable in our confidential flag checker.
    All traffics are encrypted.
    
    Note: Make sure you have a standard network setup. If you're not sure, try to use GCP.
    Our solution is tested on AWS (us-east) and GCP (us-central & asia-east).
    `nc john.balsnctf.com 5452`
    
  • Author: sasdf
  • Link: https://sasdf.cf/ctf/tasks/2019/BalsnCTF/misc/john/

Need_some_flags

Need_some_flags_2

Pwn

KrazyNote

  • Points: 572
  • Solved: 13
  • Description:
    Hide your secret in kernal space
    
    user: knote, passwd:knote
    
    ssh knote@krazynote.balsnctf.com -p 54321
    ssh knote@krazynote-2.balsnctf.com -p 54321
    ssh knote@krazynote-3.balsnctf.com -p 54321
    
    Finish your exploit before you connect to Remote. And try minimize your binary. 300 seconds should be enough for you to upload your exploit to the server.
    
  • Author: Billy
  • Link:

SimpleLanguage

  • Points: 957
  • Solved: 3
  • Description:
    Billy love ROP !?
    
    nc simplelanguage.balsnctf.com 54321
    
  • Author: tens
  • Link:

SecPwn

PlainNote

securenote

Machbook

Web

卍乂Oo韓國魚oO乂卍

Warmup

Donation

RCE Auditor

  • Points: 1000
  • Solved: 1
  • Description:
    http://rce-auditor.balsnctf.com/
    
    Download the source code here
    
    Chrome has retired the XSS Auditor, but how about the RCE Auditor? The evil eval_server is listening on 127.0.0.1:6666, but RCE Auditor protects us.
    
    
    This challenge requires Proof-of-Work (PoW). We have already finished the code for you. Please see pow.balsnctf.com . 
    
  • Author: bookgin
  • Link: https://github.com/BookGin/my-ctf-challenges/tree/master/balsn-ctf-2019/rce-auditor

Silhouettes

Images and Words

Rev

Hack Compiler

vim

plam

Smart Contract

simple sol aeg

  • Points: 957
  • Solved: 3
  • Description:
    Solidity Automatic Exploit Generation?
    try it:
    nc aab2596ac4a422a9f803ed317089c399b818bb72.balsnctf.com 30731
    Be a King
    
        Give you a contract bytecode, give me transaction data to be a king.
        Timeout = 10 seconds per challenge.
        You can call isKing() to verify it.
        pragma solidity 0.4.25
    
    
    This challenge requires Proof-of-Work (PoW). We have already finished the code for you. Please see pow.balsnctf.com . 
    
  • Author: ysc
  • Link: https://gist.github.com/YSc21/101c4b79195f202f78a098ffd951ae59

Bank

  • Points: 1000
  • Solved: 1
  • Description:
    Again, as those ctfs did in the past, we also implemented our 100% secure bank system, but on blockchain this time.
    
    Game environment: Ropsten Testnet
    
    nc bank.balsnctf.com 12345
    
    This challenge requires Proof-of-Work (PoW). We have already finished the code for you. Please see pow.balsnctf.com
    
  • Author: shw
  • Link: https://github.com/x9453/balsn-ctf-2019

Creativity

  • Points: 1000
  • Solved: 1
  • Description:
    Be concise, or be creative.
    
    Game environment: Ropsten Testnet
    
    nc creativity.balsnctf.com 12345
    
    This challenge requires Proof-of-Work (PoW). We have already finished the code for you. Please see pow.balsnctf.com
    
  • Author: shw
  • Link: https://github.com/x9453/balsn-ctf-2019

Crypto

collision

unpredictable

harc4

  • Points: 857
  • Solved: 5
  • Description:
    Four is the only number whose name in English has the same number of letters as its value, and the name of our favorite cipher, RC4, ends with 4.
    Coincidence? I don’t think so!
    nc harc4.balsnctf.com 5450
    
  • Author: sasdf
  • Link: https://sasdf.cf/ctf/tasks/2019/BalsnCTF/crypto/harc4/

shellcode writer

Web and Golang

Gopher Party

PPM

listcomp ppm

  • Points: 371
  • Solved: 26
  • Description:
    Solve 3 super easy list-comp challenges!!!
    Short! Shorter!! Shortest!!!
    
    nc easiest.balsnctf.com 9487
    
    UPDATE: the challenge runs by python3.6 UPDATE: the original code should already be list comprehension
    
    Question1: The first line would contain a positive integer N. Then there would be N lines below. Each line contains two integer A and B. Please output the corresponding A+B.
    Example Input:
    3
    1 2
    3 4
    5 6
    
    Example Output:
    3
    7
    11
    
    Input Length Limit: 75
    
    Question2: This is the knapsack problem that you know. Sasdffan is going to buy some junk foods. However, he has only limited budgets M. Each junk food would have two attributes, the cost of buying the junk food and the value of eating the junk food. The first line contains two positive integers N and M. Then, there would be N lines below. Each line contains two positive integers v and c. (v: value, c: cost). Please output the maximum value that Sasdffan could get after consuming all the junk foods he bought. Caution: Each junk food could only be bought once.
    1000 <= N <= 2000, 1 <= M <= 3000, 1 <= c <= 3000, v > 0
    Example Input:
    3 5
    1 2
    1 3
    2 2
    
    Example Output:
    3
    
    Input Length Limit: 200
    
    Question3: Depth of the tree. There is a size N tree with node index from 0 to N-1. The first line is an integer N (tree size). Then, there would be N numbers in the next line each represents the father of the node. (0 is always the root). 10 <= N <=10000. Please notice that for any i, father[i] < i.
    Example Input:
    3
    0 0 1
    
    Example Output:
    2
    
    Input Length Limit: 300
    
    
  • Author: hortune
  • Link: https://github.com/hortune/listcomp-ppm