Link to archived challenge Category Difficulty Solves Author forensics medium 5 sudoBash418 Description We’ve received reports of a t3l0s git repository open to the internet, containing a secret key. Unfortunately, it looks like we were too late - the secret key is nowhere to be found! Can you help us out? Players are given a single file: git-repo.tar There is also a single hint available: git commit --amend && git push --force is not always a silver bullet....

Link to archived challenge Category Difficulty Solves Author reverse medium 2 sudoBash418 Description Run the executable and it will give you the flag… eventually. In a year or two. Think you can manipulate time? Players are given two files to download: hacking-through-time and hacking-through-time-arm64. There are also three hints available: Tracing library calls might help. This ain’t exploit: nothing’s stopping you from hooking whatever you want. The hacking-through-time-arm64 file is for ARM64 computers, such as newer Apple devices....

Link to archived challenge Category Difficulty Solves Author reverse hard 10 Spaghetti Description Our forensics team ripped this firmware off a strange proprietary electronic device that was confiscated from a t3l0s member. Can you figure out what it does? Players are given a file to download: kAjfehg-n. Players are also given a single hint: The language that the file is written in is Uyjhmn n Analysis Uyjhmn n is an esoteric programming language (or “esolang” for short)....

Link to archived challenge Category Difficulty Solves Author forensics medium 6 sudoBash418 Description We’ve managed to capture some data from an adversary - but they seem to have encoded the data in an image? Players are given an archive containing two files: generate.py and result.png. Analysis The player is meant to deduce that the generate.py script was used to encode some input into the given result.png. In this case, that input was the flag....

Link to archived challenge Category Difficulty Solves Author reverse medium 3 sudoBash418 Description We thought we found a flag… but it’s hidden inside this executable! Can you figure out its secret? Players are given two files to download: flag-checker and flag-checker-arm64. There are also three hints available: Static analysis is a good place to start. Ghidra should do the trick. Dynamic analysis can get you the flag too; try gdb. The flag-checker-arm64 file is for ARM64 computers, such as newer Apple devices....