reference exploit sourceless:

https://gist.github.com/avlidienbrunn/1917c043a883666c82dae22255cef8cb

reference exploit modern:

https://gist.github.com/avlidienbrunn/ef849803da7607acb00cbaae0a03a4f2

Pwn:

m1cr0-bl4z31ng-420(4/20):

Category: pwn

Author: adc

[Download Files](<https://midnightsunctf2024.s3.eu-north-1.amazonaws.com/m1cr0-bl4z31ng-420.tar.gz>)

nc m1cr0-bl4z31ng-420-1.play.hfsc.tf 4040

Frodo's smoked so much pipe weed that time might stop

for m1cr0-bl4z31ng-420:
To get the machine online,you might need to set it up yourself
ifconfig eth0 10.0.2.15 netmask 255.255.255.0
echo 4.2.2.2 > /etc/resolv.conf
ip route add default via 10.0.2.2 dev eth0

m1cr0-bl4z31ng-420.tar.gz

roborop(pwn,quend):

Category: pwn

Author: quend

[Download Files](<https://midnightsunctf2024.s3.eu-north-1.amazonaws.com/roborop.tar.gz>)

nc roborop-1.play.hfsc.tf 1993

Gr8 Autom8

roborop.tar.gz

BabyKernel(windows,kernel,baby):

Category: pwn

Author: HFS

[Download Files](<https://midnightsunctf2024.s3.eu-north-1.amazonaws.com/babykernel.tgz>)

nc babykernel-1.play.hfsc.tf 8001

Warm-up Windows kernel challenge! The flag is in C:\\Windows\\System32\\flag.txt

babykernel.tgz

jiaware(pwnish,notweb,JiaTan):

Category: pwn

Author: hfs

[Play Challenge](<http://jiaware-1.play.hfsc.tf:12345/>)

Protecting the supply chain is a community effort.