DEF CON CTF Qualifier 2025 Writeup

CTF writeup

この大会は2025/4/12 9:00(JST)~2025/4/14 9:00(JST)に開催されました。
今回もチームで参戦。結果は306点で195チーム中46位でした。
自分で解けた問題をWriteupとして書いておきます。

LiveCTF Warmup (LiveCTF)

テスト用なので、手順を追って実行していけばよい。

$ cat <<EOF > Dockerfile
FROM livectf/livectf:quals-exploit
COPY solve.py /
WORKDIR /
CMD ["python3", "solve.py"]
EOF

$ cat <<EOF > solve.py                                                                                                                                                                                           
from pwn import *
HOST = os.environ.get('HOST', 'localhost')
PORT = 31337
r = remote(HOST, int(PORT))
r.recvline_contains(b'Give me input: ')
r.sendline(b'WIN')
r.recvline_contains(b'You sent: ')
r.sendline(b'./submitter')
flag = r.recvline_contains(b'LiveCTF{').decode().strip()
log.info('Flag: %s', flag)
EOF

$ tar czf solution.tar.gz Dockerfile solve.py
$ curl https://play.livectf.com/api/challenges/0 -F exploit=@solution.tar.gz -H "X-LiveCTF-Token: ticket{CuteLola5615n25:nPIxl2vMtzYwWTQRVTfQNm3VsbfJDxbhPknDw5On7_0CdR_o}"                                      
{"exploit_id":"2a3b4202-d139-4ec7-974b-41c2e69386cd","team_id":224,"team_token":"ticket{CuteLola5615n25:nPIxl2vMtzYwWTQRVTfQNm3VsbfJDxbhPknDw5On7_0CdR_o}","challenge_id":0,"archive_id":"55b1072d-5f62-4169-8b8f-1c0c84d8cab2","status":"Submitted","score_awarded":null,"submission_time":"2025-04-12T01:05:49.754417960","run_duration":null}

$ curl https://play.livectf.com/api/exploits/2a3b4202-d139-4ec7-974b-41c2e69386cd -H "X-LiveCTF-Token: ticket{CuteLola5615n25:nPIxl2vMtzYwWTQRVTfQNm3VsbfJDxbhPknDw5On7_0CdR_o}"                                 
{"exploit_id":"2a3b4202-d139-4ec7-974b-41c2e69386cd","team_id":224,"team_token":"ticket{CuteLola5615n25:nPIxl2vMtzYwWTQRVTfQNm3VsbfJDxbhPknDw5On7_0CdR_o}","challenge_id":0,"archive_id":"55b1072d-5f62-4169-8b8f-1c0c84d8cab2","status":"RunSolved","score_awarded":null,"submission_time":"2025-04-12T01:05:49.754417","run_duration":1}

$ curl https://play.livectf.com/api/exploits/2a3b4202-d139-4ec7-974b-41c2e69386cd/output -H "X-LiveCTF-Token: ticket{CuteLola5615n25:nPIxl2vMtzYwWTQRVTfQNm3VsbfJDxbhPknDw5On7_0CdR_o}"                          
{"output_id":"5dddaf1e-e65c-407e-a6e6-d9625e5ef195","exploit_id":"2a3b4202-d139-4ec7-974b-41c2e69386cd","stdout":"[x] Opening connection to 2a3b4202-d139-4ec7-974b-41c2e69386cd-challenge on port 31337\n[x] Opening connection to 2a3b4202-d139-4ec7-974b-41c2e69386cd-challenge on port 31337: Trying 10.89.0.2\n[+] Opening connection to 2a3b4202-d139-4ec7-974b-41c2e69386cd-challenge on port 31337: Done\n[*] Flag: Flag: LiveCTF{1d0ccd1a-bf62-41b5-957b-e9e5c6f57c8b}\n[*] Closed connection to 2a3b4202-d139-4ec7-974b-41c2e69386cd-challenge port 31337\n","stderr":"","created_at":"2025-04-12T01:06:41.186615"}