Writeups

A collection of some writeups written by TJCSC

Brian Ho

picoGym - SideChannel

3/1/2024 — 2 minute read

Timing-based side channel attack on an pin-checker program

Brian Ho

picoGym - Specialer

2/20/2024 — 1 minute read

Reading files in a sandboxed environment

Darin Mao

ASIS CTF Finals 2021 - cuuurl

1/7/2022 — 2 minute read

Arbitrary curl to RCE

Darin Mao

TetCTF 2022 - ezflag 2

1/7/2022 — 4 minute read

Simple ROP through a socket

Darin Mao

TetCTF 2022 - magicbox

1/7/2022 — 3 minute read

Reversing a NOR machine

Darin Mao

redpwnCTF 2021 - gelcode-2 (pwn)

7/12/2021 — 2 minute read

Shellcode golfing

Darin Mao

redpwnCTF 2021 - devnull-as-a-service (pwn)

7/12/2021 — 7 minute read

ret2dlresolve on 64-bit binaries with huge pages

Darin Mao

picoMini by redpwn 2021 - Darin's Challenges

6/21/2021 — 8 minute read

Author writeups for picoMini by redpwn

Diana Lin

picoMini by redpwn 2021 - not-crypto (rev)

5/12/2021 — 1 minute read

Writeup for not-crypto (rev)

Diana Lin

picoMini by redpwn 2021 - notepad (web)

5/12/2021 — 3 minute read

Writeup for notepad (web)

Anna Hsu

picoMini by redpwn 2021 - advanced-potion-making (forensics)

5/11/2021 — 1 minute read

Fixing a corrupt PNG file

Anna Hsu

picoMini by redpwn 2021 - login (web)

5/11/2021 — 1 minute read

Client side login seems like a bad idea

Darin Mao

ångstromCTF 2021 - Jar/Snake/Ekans

4/15/2021 — 8 minute read

Exploiting heavily restricted pickle deserialization

Darin Mao

ångstromCTF 2021 - wallstreet (pwn)

4/15/2021 — 2 minute read

An unusual trick for format string exploitation

Darin Mao and Daniel Wang

picoCTF 2021 - BitHug (web)

4/5/2021 — 2 minute read

Exploiting SSRF in a complex web application

Darin Mao

picoCTF 2021 - Stonk Market (pwn)

3/31/2021 — 4 minute read

Tricky format string exploitation

Darin Mao

picoCTF 2021 - Bizz Fuzz (pwn)

3/30/2021 — 2 minute read

Automated analysis of a large binary

Darin Mao

justCTF 2020 - Pinata (pwn)

1/30/2021 — 10 minute read

Blind exploitation of nginx from justCTF 2020

Darin Mao, Saigautam Bonam, and Autin Mitra

TJCSC Winter Contest 2020

12/16/2020 — 14 minute read

Solutions to selected problems from the 2020 Winter Contest

Darin Mao and Stephen Huan

NACTF 2020

11/4/2020 — 2 minute read

Required writeups for winning teams.

Darin Mao

CSAW CTF 2020 Qualifier - blox (rev/pwn)

11/3/2020 — 6 minute read

This was a two-part series from the 2020 CSAW CTF Qualifier involving a small Tetris-like game.

Darin Mao

DamCTF 2020 - guess (pwn)

10/12/2020 — 1 minute read

This is my writeup for the challenge "guess" in the pwn category from OSUSEC's DamCTF 2020.

Darin Mao

CSAW RED 2020 Qualifier (crypto)

9/29/2020 — 2 minute read

Solutions for crypto challenges from the CSAW RED 2020 Qualification Round.

Darin Mao

CSAW RED 2020 Qualifier (misc)

9/29/2020 — 5 minute read

Solutions for misc challenges from the CSAW RED 2020 Qualification Round.

Darin Mao

CSAW RED 2020 Qualifier (web)

9/29/2020 — 1 minute read

Solutions for web challenges from the CSAW RED 2020 Qualification Round.

Darin Mao

CSAW RED 2020 Qualifier (pwn)

9/29/2020 — 6 minute read

Solutions for pwn challenges from the CSAW RED 2020 Qualification Round.

Darin Mao

CSAW RED 2020 Qualifier (rev)

9/29/2020 — 7 minute read

Solutions for rev challenges from the CSAW RED 2020 Qualification Round.