Files

circlecitycon-2021
cryptohack
ctflearn
dawgctf-2021
dctf-2021
foobarctf-2021
glsc-ctf-2021
google-ctf-2019
hacker101-ctf
heroctf-v3
hsctf-8
picoctf-2019
- AfterLife
- CanaRy
- HeapOverflow
- L1m1tL335
- NewOverFlow-1
- NewOverFlow-2
- SecondLife
- WhitePages
- asm2
- c0rrupt
- caesar
- cereal-hacker1
- cereal-hacker2
- empire1
- got
- leap-frog
- like1000
- messy-malloc
- mr-worldwide
- overflow-0
- overflow-1
- overflow-2
- pointy
- rop32
- rop64
- rot13
- shark-on-wire1
  - capture.pcap
  - extract_pcap.py
  - writeup.md
- slippery-shellcode
- stringzz
- the-numbers
picoctf-2020
pragyan-2021
redpwn-2021
umass21
.gitignore
LICENSE
README.md

writeup.md

[writeup] add picoctf 2019 (part)

Jul 13, 2020

88b0327 · Jul 13, 2020

Download and open the pcap file with wireshark.

Check the UDP stream data, packages from 10.0.0.2 looks suspicious.

Using python scap module to load the pcap file.

Concat the raw data from 10.0.0.2 to 10.0.0.13, got a string in flag format, but it saids

  picoCTF{N0t_a_fLag}

Concat the raw data from 10.0.0.2 to 10.0.0.12, got a valid flag