A copy of our exploit of bitterswallow of the DEFCON 2013 qualification round. No additional write-up or explanations besides our exploits.
An analysis of a defacement campaign by the prominent defacer group Team System Dz, supporters of the Islamic State of Iraq and the Levant / and Syria, a free Palestine, and opposed to Israel. Team System Dz defaced over 2,800 websites, including in the United Kingdom, the Netherlands, Germany, Spain, and France in the past 11 months to show political and religious messages.
A short write-up of the web 150 challenge "Robots Exclusion Committee" of the Hack.lu 2013 Capture the Flag competition. A straight-forward SQL injection in the username of a HTTP authentication prompt.
A quick write-up of EpicPhail/shellphish's solution to the second web 400 challenge of the CSAW 2013 qualification round: an indirect SQL injection via a server-side AES128-CBC encrypted plaintext.
A more exhausitive write-up on how we approached and solved Exploitation 500: SCP hack. Including how we visited the website from 7 of the required countries and two approaches that we followed but that ultimatelly failed to yield the key.
Write-up of the first web 400 challenge of the CSAW 2013 qualification round, a SQL Injection via a cookie value that stores a serialized PHP array.
A plain and simple write-up of 3 of the miscellaneous challenges from the CSAW CTF 2013 qualification round.