At last year’s Pwn2Win, we (spritzers) were the only team to solve the SGX challenge. We played again this year, getting 6th place. There was another trusted computing challenge (pwn), on TPM 2.0 this time: we kept up the tradition and were the only team to solve it. So here’s a writeup, enjoy :)
This weekend I played Kaspersky Industrial CTF 2018 with spritzers, where we got 7th place. Not bad considering most of us couldn’t play (and I slept way too much :P). I liked “modcontroller”, a pwn challenge worth 994 points in the end. It actually was more of a web challenge than a pwn one, and I enjoyed doing something different than usual.
Last weekend, I played HITCON CTF 2018 for a bit with our spritzers team. I did not have much free time, so I ended up focusing on a single hard challenge: Secret Note (342 points, pwn/crypto). I have been doing pwn for a while, but recently I have also become interested in crypto, so it looked like fun, and indeed it was!
I’m a big fan of American Fuzzy Lop. It’s a robust and effective coverage-guided fuzzer, and it supports a QEMU mode to fuzz closed-source binaries. QEMU mode, however, comes with a significant performance price. Can we make it better?
From the 2nd to the 5th of August 2018, Italian Hacker Camp was held in Padova, Italy. It was an amazing event - I highly recommend that my Italian (and not!) fellows participate. As spritzers, we played and won the internal CTF. Among the challenges I pwned, I particularly enjoyed “The Lollipop Service” - heap exploitation with a custom allocator.