The LosFuzzys CTF Team

Posted on Di, 2016-04-26 in ctf • Tagged with ctf, losfuzzys, graz

In 2014 some infosec interested students at TU Graz started playing CTFs under the name LosFuzzys. In the last year, thanks to stefan and a couple of other very motivated guys, we managed to get more people interested and the whole thing going. Checkout our site for write-ups and more …


Continue reading

hack.lu CTF 2014 write-up: Hidden In Plain Sight

Posted on So, 2014-10-26 in ctf • Tagged with ctf, hacklu, javascript, node.js

OK I have to confess I solved this challenge by pure luck. The setting was that there is a service that allows you to register and the upload files. The uploaded files can be shared by creating a link, which contains a HMAC over the user and the filename. If …


Continue reading

hack.lu CTF 2014 write-up: Killy The Bit

Posted on So, 2014-10-26 in ctf • Tagged with ctf, hacklu, sql, php

This was a fun challenge :) The setting was that the royal bank of Fluxembourg was hacked by Killy the Bit and now they set up a page to reset the user passwords. Because Killy owes us a favor we received the source code for the password resetting page. So the …


Continue reading

hack.lu CTF 2014 write-up: Objection

Posted on So, 2014-10-26 in ctf • Tagged with ctf, hacklu, coco, node.js, CoffeeScript, JavaScript

So we got the source for something that looked like CoffeeScript, but had really strange string literals. After some investigation I found out, that this was in fact coco source code. Coco in turn is a fork of CoffeeScript. Both compile to JavaScript. The service allows you to login with …


Continue reading

Web Security Hardening

Posted on So, 2014-07-27 in security • Tagged with web, security

Last year during my summer internship I had the chance to catch up with current developments in Web-Security. In particular I had a closer look at mechanisms, that are used as a second line of defense or hardening mechanisms against common web attacks. I created drafts of blog entries describing …


Continue reading