GryphonCTF_2016_Write-up

Hello, this repository will serve as a write-up to the GryphonCTF competition challenges.

Completed Challenges

Challenges without links are uncompleted/unattempted challenges (Damn it amon) Challenges appended with a [*] are challenges completed after the competition. Doesn't count. Damnit.

Reflection

As the competition comes to a close, with JEAM losing 1st place to TRiggeRed with almost 84 points in the lead, the final scoreboard looks like this.

1 - TRiggeRed - 675
2 - JEAM - 591
3 - Chicken Tandoori - 555
4 - Team Sailou - 420
5 - Luminous Cheesecake - 395
6 - Team Dig Bick - 315
7 - NUSGreyhatsNoobs - 310
8 - chmod 000 /dism/ctf - 250
9 - novaAF - 250
10 - Antimatter - 235
11 - 2CAP||!2CAP - 228
12 - jkdj - 190
13 - Pico - 180
14 - ShoulderSurfers - 150
15 - lowkeylosers - 130
16 - Counter Logic Hacking - 125
17 - TeamIronMan - 125
18 - Comeback - 100
19 - Team ScapeGoat - 65

If there's one thing I learned during the whole competition, I don't really know binary exploitation too well and I certainly hope to be able to improve on that before the next CTF comes around. From conversations with the challenge setter (@nnamon), I learned that while modern systems are not vulnerable, IoT products given limited processing capabilities and storage capacity, are much more vulnerable to binary exploitations, so that's something interesting.

I originally intended to join this competition as a solo player but because of team size requirements, I recruited @zst123 (Manzel) and two other people just to meet the team size of 4. Throughout the competition, I've also come to realize that having more minds equals to having more perspectives to take on challenges, especially challenges of a black box nature. @zst123 has helped a fair bit in giving his own perspective and that I appreciate greatly.

To sign off this reflection, I would like to add how salty I feel about team TRiggeRed utilizing hidden flags at the last minute. Very very salty.

P.S. @Deathline78 should be banned eternally from setting challenges.

Sincerely, Amos Ng @LFlare