In a challenge from PicoCTF called no padding no problem that I unfortunately wasn't able to solve, and had to use a writeup, one thing that threw me in this writeup and some experimentation unpadded RSA, is that given D(c) = c^d mod n, D(c) = D(c mod n), why is this the case, why does one number raised to the power d mod n, end up being the same as the same number mod n then multiplied by d then mod again it just doesn't make sense, I think it has something to do with d being carefully chosen , but idk.

The info from LinkedIn

Fornebu, Akershus, Norway

(Approximate location)

Other on Other

LinkedIn Mobile

IP Address:

136.158.70.131

IP Address Owner:

Evry Norge As

Here's my info on iplook up

IP: 136.158.70.131 COUNTRY: Philippines COUNTRY ISO: PH STATE: National Capital Region CITY: Pasig POSTAL CODE: N/A LATITUDE: 14.5779 LONGITUDE: 121.074 ASN: 17639 AS-Name: CONVERGE-AS IS PROXY: No IS CRAWLER: No THREAT LEVEL: low ORGANIZATION: Converge Information and Communications Technology Solutions

Our team is recruiting experienced and active CTF players!

• Regular CTFs every weekend!
• Our players play from morning to night, solving challenges.
• Play and learn with professionals.
• Combined resources and tools to learn together!
• International team - with players from every continent.

Who are we looking for?
People who have some experience in playing CTFs and can give their time and energy to this team!

If you think you fit the criteria, then message me on discord:

discord username: zeptoide

New vulnerable VM aka "Convert" is now available at hackmyvm.eu

Im looking for 3-4 highly passionate people in cybersecurity to form a group where we can join CTF and share about experience and knowledge in cybersecurity in general.

If youre interested kindly drop your discord tag/username below.

Thank you and keep hacking

TryHackMe's CTF Collection series is an excellent introduction to some basic General & Web CTF skills.

Vol. 1: focuses on general skills such as decoding and steganography to mention a few categories

Vol. 2: focuses on web CTF skills to find 20 hidden easter eggs.

See my detailed write-ups below. I always like to give step by step beginner-friendly and detailed walkthroughs of my solution and methodology. I hope it gives you a different perspectives even if you have solved those challenges already :)

TryHackMe CTF Collection Vol. 1 (Write-up)

TryHackMe CTF Collection Vol. 2 (Write-up)

I have two files, one of type ".PDF.enc" and the other "memory.raw". I'm thinking of starting by analyzing the memory with the Volatility tool. I'm using the command "python vol.py -f memory.raw windows.pslist". Am I on the right track?

Have decent HBT experience and have multiple CTF challenges completed in a cybersecurity bootcamp through UTSA. Just looking to see what’s out there and make some new friends and connections.

Any good free ones ? Thanks in advance

i am really curious about this and wanting to try it but since they are based in US and Canada, I'm afraid of the latency I might potentially get. Is there anyone who can talk about this? I'm from Asia

The Wayne State University Cyber Defense Club is hosting the annual WSU CTF next week. Entry is free! The competition is beginner-friendly and starts next Saturday (April 13th, 2024 from 9:00 AM to 5:00 PM EST).

Sign up Here: https://waynestateuniversity-ctf24.ctfd.io/

I'm a beginner in solving CTF challenges, I need to make a team of people to discuss and learn from experts. I wish someone can help with it

I have an image and I need to find a flag so I won't get shamed by my friends. I can't find anything in the hex file, and exif data doesn't work either. What should I do now?

The U.S. DoD is sponsoring a Cyber Skills Challenge - the Cyber Sentinel - hosted by Correlation One. The event is free and for all skill levels – includes challenges related to Forensics, Malware/ Reverse Engineering, Networking & Reconnaissance, Open-Source Intelligence Gathering (OSINT) and Web Security. Each category will have challenges of easy, medium, and hard difficulty.

​

There’s no experience/ specific education requirements, though you must be a U.S. Citizen.

​

The challenge simulates various real-world cybersecurity scenarios faced by the DoD, and there may be job opportunities with the DoD for interested, and eligible, participants.

​

I though some people in this community may be interested. Event details:

​

Cyber Sentinel Skills Challenge

Competition date: May 18, 2024

Where: Remote

Cost to participate: Free

Who: US citizens from all backgrounds and levels of cyber and IT experience

Prizes: $15,000 prize pool + recruiting opportunities with the DoD

APPLY HERE

​

Happy to answer any questions!

picoCTF 2024 — Write-up — Web
My Walkthrough of the picoCTF 2024 Web challenges
https://cybersecmaverick.medium.com/picoctf-2024-write-up-web-992348f48b99

​

picoCTF 2024 — Write-up — Forensics
My Walkthrough of the picoCTF 2024 Forensics challenges

https://cybersecmaverick.medium.com/picoctf-2024-write-up-forensics-c471e79e6af9

​

HTB Cyber Apocalypse CTF 2024 Write-ups
Walkthrough of HackTheBox Cyber Apocalpyse 2024: Hacker Royale CTF Challenges

https://medium.com/bugbountywriteup/htb-cyber-apocalypse-ctf-2024-write-ups-95246e14ac48

Hey folks,

I'm an intermediate CTF player with general skills across different areas of cybersecurity, ready to team up for some serious CTF action. If you're passionate about cybersecurity and ready to tackle challenges together, hit me up! Oh, and I've also got some solid backend development experience. Let's crush it as a team. 🚀

I’ve read a lot that doing CTFs help you in career, I can’t do HackTheBox or TryHackMe as I can’t buy the premium subscriptions, I’m thinking of picoGym challenges and overthewire, are they good for beginners? And also how can I grind at CTFs like become better?

Try to solve it also reply to this message if you are partaking.

The image is the first clue

https://preview.redd.it/7ky4znw0fmrc1.jpg?width=4355&format=pjpg&auto=webp&s=7e30450f3c80763f0e003a74e522adf14efa574a

Any idea how much computation and memory I will need for around 50 participants to host ctfd ?

I keep running into this problem. It's clearly a a base64 ciphertext since I can get some cleartext out of decoding it but it's just littered with so many unknown characters.

guys I am hosting a CTF in my clg but the people who are testing my CTF are "useless" meaning they require the answers to be spoonfed.🥲

If anyone can please help test the ctf it would be really helpful. The ctf is in 2 days and the testing and hint making is still not done.

https://tryhackme.com/jr/ctfnexus

This is the link I am open to dms for doubts and u can also post here. I need help in the level of this ctf and how long it would take for the ctf to finish.

P.S. this link is temporary and the flags would be migrated once everything is ready. The event in clg is for 4 and a half hours we have been allocated 3 hrs. Thank you. I am sorry but I cannot provide anything in return for this.🥹

I'm running another iteration of my early career/developer CTF until 4/1 at:

SecureMy.Dev CTF

The top 10 players will be awarded a free CAPen exam voucher, courtesy of The SecOps Group. (£250.00 value)

While the event has already started there is time to place and ongoing opportunity to have a good time and learn. This CTF does not tell you where to find flags, you must pen test the site and discover. There is much more than meets the eye.

Please read the rules, this is not the place to point your gobuster and SQLMap, you won't learn that way and tools like this won't be effective.

What you will find from thoughtful, manual testing are some interesting flags, many modeled after real bug bounty findings and of course OWASP Top-10 style issues -- and a few memes.

There's something for everyone and those newer to CTFs will find a deliberate portion of the challenges approachable and hopefully inspiring. For the vets, there's plenty hidden under the covers to make you work for top score.

Have fun!

Is CTF challenges just for self improvement and fun or something you can put on CV?

hi, im trying to understand a weird behavior in the pet_companion pwn challenge, its a basic ret2csu challenge, so after overflowing and seting r12 to the desired address and rbx to zero (so that call QWORD PTR [r12+rbx*8] jumps to the address in r12), i don't understand why when setting r12 = 0x4004f0 <write@plt> it causes a segfault, while setting it to 0x600fd8 <write@got.plt> it works, even though there was a call 0x4004f0 <write@plt> instruction in main before and didn't cause a segfault, any help would be appreciated 🙂

first gadget:

   0x000000000040073a <+90>:    pop    rbx
   0x000000000040073b <+91>:    pop    rbp
   0x000000000040073c <+92>:    pop    r12
   0x000000000040073e <+94>:    pop    r13
   0x0000000000400740 <+96>:    pop    r14
   0x0000000000400742 <+98>:    pop    r15
   0x0000000000400744 <+100>:   ret

second gadget:

   0x0000000000400720 <+64>:    mov    rdx,r15
   0x0000000000400723 <+67>:    mov    rsi,r14
   0x0000000000400726 <+70>:    mov    edi,r13d
=> 0x0000000000400729 <+73>:    call   QWORD PTR [r12+rbx*8]

•  0x000000000040064a <+0>:     push   rbp
   0x000000000040064b <+1>:     mov    rbp,rsp
   0x000000000040064e <+4>:     sub    rsp,0x40
   0x0000000000400652 <+8>:     call   0x400607 <setup>
   0x0000000000400657 <+13>:    mov    QWORD PTR [rbp-0x40],0x0
   0x000000000040065f <+21>:    mov    QWORD PTR [rbp-0x38],0x0
   0x0000000000400667 <+29>:    mov    QWORD PTR [rbp-0x30],0x0
   0x000000000040066f <+37>:    mov    QWORD PTR [rbp-0x28],0x0
   0x0000000000400677 <+45>:    mov    QWORD PTR [rbp-0x20],0x0
   0x000000000040067f <+53>:    mov    QWORD PTR [rbp-0x18],0x0
   0x0000000000400687 <+61>:    mov    QWORD PTR [rbp-0x10],0x0
   0x000000000040068f <+69>:    mov    QWORD PTR [rbp-0x8],0x0
   0x0000000000400697 <+77>:    mov    edx,0x2e
   0x000000000040069c <+82>:    lea    rsi,[rip+0xc5]        # 0x400768
   0x00000000004006a3 <+89>:    mov    edi,0x1

  => 0x00000000004006a8 <+94>: call 0x4004f0 write@plt <- notice the call in main 0x00000000004006ad <+99>: lea rax,[rbp-0x40] 0x00000000004006b1 <+103>: mov edx,0x100 0x00000000004006b6 <+108>: mov rsi,rax 0x00000000004006b9 <+111>: mov edi,0x0 0x00000000004006be <+116>: call 0x400500 read@plt 0x00000000004006c3 <+121>: mov edx,0x15 0x00000000004006c8 <+126>: lea rsi,[rip+0xc8] # 0x400797 0x00000000004006cf <+133>: mov edi,0x1 0x00000000004006d4 <+138>: call 0x4004f0 write@plt 0x00000000004006d9 <+143>: mov eax,0x0 0x00000000004006de <+148>: leave 0x00000000004006df <+149>: ret

challenge link: https://github.com/hackthebox/cyber-apocalypse-2024/tree/main/pwn/%5BEasy%5D%20Pet%20companion/challenge