saarsec

Piano was a php service at ENOWARS 3. The vulnerability was easy, but the interesting part was about parsing the flags.

Read more

cyber-alchemist was a python service at ENOWARS 3. It was a flask-based app which allowed users to perform actions similar to Cyberchef.

Read more

Bufcore was a binary service written for a custom CPU that implemented a password protected key-value store. As already suggested by the service name, bufcore suffered from a buffer overflow vulnerability that enabled attackers to read other users’ secret without knowing their password.

Read more