I have participiated in various CTFs as part of (now defunct) Hypnosec team and also on occasion attempt to break other things.
/var/tmpwithin the sandbox chroot was world-writable, where files would persist on disk on the server your program was run on.
- It was possible to trick a user into logging out of Grok Learning by making their browser send a
- API responses for submissions that failed a test case always contained expected and actual output, even if this data was meant to be hidden from the user.
- Due to a design flaw in the automarker, specially crafted output could cause a persistent XSS.
- HashBang CTF (SUITS + UNSW SecSoc)
Helped run and write a CTF as part of a collaboration between the Sydney Uni IT Society and UNSW Security Society.
- UNSW CTF
The birth of Hypnosec. We placed 4th overall (2nd amongst high schools).