Page 2 of 7

ASIS CTF 2014 Quals web-75: Hidden flag

We were given a blank page.

But if we look at http headers, we can see that we have masked flag in them.

All that we need – find masked characters of flag.

Continue reading

NotSoSecure CTF 2014

We have got link to the login page. There is an interesting comment in the page source.


It looks like a base64 encoded data. Let’s decode it.
Continue reading

PlaidCTF Quals 2014 web-200: kpop

Sometimes, the Plague leaves some of his old stuff up and running. We found a K-Pop lyrics website the Plague wrote back when he was learning to program. It was open-source, too! We believe there might be something important in /home/flag/flag. Could you get it for us?

Continue reading

PlaidCTF Quals 2014 misc-10: Heartbleed

Back up now! Hopefully for good.
Our hearts are bleeding. But instead of bleeding password bytes, they’re bleeding flags. Please recover our flags so we don’t bleed to death before we can update to 1.0.1-g. Site is up at

Continue reading

PlaidCTF Quals 2014 web-300: WhatsCat

The Plague is using his tremendous talent for web applications to build social websites that will get bought out for billions of dollars. If you can stop his climb to power now by showing how insecure this site really is, (on IPv6 at 2001:470:8:f7d::1) maybe we will be able to stop his future reign of terror. Here‘s some of his source.

Continue reading

© 2022

Theme by Anders NorénUp ↑