Saarsec

saarsec

Schwenk and pwn
Page 7 of 15

ENOWARS 3 WriteUp cyber-alchemist.

18.07.2019 by Marius Steffens.

cyber-alchemist was a python service at ENOWARS 3. It was a flask-based app which allowed users to perform actions similar to Cyberchef.

Read more

CInsects 19 WriteUp bufcore

18.07.2019 by Johannes

Bufcore was a binary service written for a custom CPU that implemented a password protected key-value store. As already suggested by the service name, bufcore suffered from a buffer overflow vulnerability that enabled attackers to read other users’ secret without knowing their password.

Read more

ENOWARS 3 WriteUp scavengepad

17.07.2019 by Jonas Cirotzki. Kudos to Markus for writing the exploit code.

ScavengePad was a C# service at ENOWARS 3. It was an ASP.NET-based app which allowed users to create projects containing tasks and track their progress. Projects and tasks could be enriched with markdown descriptions.

Read more