If you know me, you know that I have serious, unresolved trust issues. Not so much with people, but with machines. As soon as I hand off a VM or physical machine to someone, I assume the data on t...
How to Hack a Developer
Picture this: You are a developer working on your favorite project. You love git and think anyone who dares to use a subpar version control system like mercurial or subversion should reconsider th...
DEFCON CTF Qualifiers 2021
pwn / nooopster Solved with help from: Will Green (Ducky) Challenge Description Sharing files like its 1999. Connect to my network with OpenVPN. nooopster.challenges.ooo 1999 Walkthrough: We’...
WeCTF 2021
web / cache Solved with help from: Will Green (Ducky) Challenge Description Arrogant Shou thinks Django is the worst web framework and decided to use it like Flask. To support some business logi...
zer0pts CTF 2021
re / infected Challenge Description The backdoor is installed on this machine: nc others.ctf.zer0pts.com 11011 or nc any.ctf.zer0pts.com 11011 How can I use it to get the flag in /root direct...
XMAS CTF 2020
pwn / Do I know you? Challenge Description You walk on the street. This guy seems to recognize you. What do you do? Files: chall Process I immediately threw the executable into BinaryNinja to...
Google CTF 2020
basics overview This challenge was a nice crash course in verilog, which I personally had never worked with. I even had to check to see what type of code was normally contained within a .sv file....
Odysseus
Disclaimer This method currently works on just certain 32bit devices. By certain I mean only for bundles that xerub can create with keys he has. Also, if your SHSH blobs and APTickets are invalid i...
DClr_Override
Update: So I hear a lot of you have bricked your devices using this method. I am sorry. I put the hefty disclaimer here for a reason. The following devices work (if you enter the correct nvram vari...
Downgrade Method
Disclaimer [Update]: I have fixed the bug mentioned below. I am now working on an easier method of just downloading the iPSW file and restoring to it with iTunes 11. I am not responsible for any d...