Pwn:

Intro to PWN 1:

Authors
localo

Difficulty
Intro

Categories
Pwn

Released
first_cycle

Description
This used to be a simple pwn challenge. But someone patched it and the win function doesn't print the flag anymore, can you still get it? If this is the first time doing binary exploitation, this challenge might feel a bit overwhelming. But don't worry, I have attached the first challenge from two years ago and a README for it. If you solve that one, you should be able to solve this one as well with a bit of tinkering. If you feel stuck, feel free to ask for help in the discord server.

Attachments
[intro-pwn-1.zip](<https://files.cscg.live/ceb05bbaf1e94d4a60650dd4befe090bd3e0859e75bded64fe55172c674f9f2c/intro-pwn-1.zip>)

intro-pwn-1.zip

Intro to PWN 2:

Authors
localo

Difficulty
Intro

Categories
Pwn

Released
first_cycle

Description
Format strings are a powerful tool in the hands of a hacker. They can be used to read and write memory, and even execute code. This challenge is a simple demonstration of how format strings can be used to write memory. Can you use it to get the flag?

Attachments
[intro-pwn-2.zip](<https://files.cscg.live/408ac2a94a357540e22047a697910f3023a194446a2fe06bf2d51952d72d6abb/intro-pwn-2.zip>)

intro-pwn-2.zip

canopysaurus:

Authors
itskiwi

Difficulty
Medium

Categories
Pwn

Released
first_cycle

Description
Something's wrong with the brontosaurus powering Fred's car. The Dino Control Unit (DCU) is acting up, and the mechanics at the Bedrock Motor Pool can't figure it out. Can you find the reset code for the DCU and help Fred get back on the road?

Flag format: dach2026{...}

Attachments
[canopysaurus.zip](<https://files.cscg.live/1e8de4c992af0c3c9588002ef297f7417a8f97c8e32427ff7a866f2169118f57/canopysaurus.zip>)

canopysaurus.zip

this-is-art:

Authors
p.howe

Difficulty
Hard

Categories
Pwn

Released
second_cycle

Description
I wrote this wonderful app to let you excavate the secrets buried at the bottom of an Android app :) (Note that it takes a couple of minutes for the challenge to start up)

Flag format: dach2026{...}

Attachments
[this-is-art.zip](<https://files.cscg.live/e9e3f6c2123f849c02205ddf6583107eb4784d712b2641429d54853b96fe4e0b/this-is-art.zip>)

this-is-art.zip

Bloatware:

Authors
Gehim

Difficulty
Medium

Categories
Pwn

Released
second_cycle

Description
Bootloaders and Image Parsers ...
Flag format: dach2026{...}

Attachments
[bloatware.zip](<https://files.cscg.live/de93c363fe7f2e3ddafd51c7d90f6b597daa646b2986446f367a697d06f8592b/bloatware.zip>)

bloatware.zip