Dave Crawford

Dave Crawford

MetaCTF 2020

MetaCTF2020 Logo

MetaCTF was a 24hr event that ran October 24-25, 2020.

The challenges are listed in the order I solved them.

Crypto Stands For Cryptography

Challenge: Welcome to the crypto team! We help consult in a variety of areas around the security department, helping to make sure our company is using pro...

Forensics 101

Challenge: Sometimes in forensics, we run into files that have odd or unknown file extensions. In these cases, it's helpful to look at some of the file fo...

High Security Fan Page

Challenge: Uh oh, I woke up to hear that some Swifties seem to have sabotaged my Katy Perry fan page! After writing about why KP is clearly the better art...

Baffling Buffer 0

Challenge: While hunting for vulnerabilities in client infrastructure, you discover a strange service located at host1.metaproblems.com 5150. You've uncov...

Barry's Web Application

Challenge: I've made this cool new web application that I plan to use to host a blog. Please check it out at http://host1.metaproblems.com:5620/ Right now...

Big Breaches

Challenge: How many unique emails were exposed in the biggest single collection of breached usernames/passwords? Provide the answer (flag) in the format Meta...

ROT 26

Challenge: We've applied some encoding to obfuscate our messages. There's no way you can figure out the original message now?! I applied the unbreakable R...

Staging in 1…2…3

Challenge: The Incident Response (IR) team identified evidence that a Threat Actor accessed a system that contains sensitive company information. The Chie...

Everyone Loves a Good Cookie

Challenge: Cookies are used by websites to keep track of user sessions and help with authentication. Can you spot the issue with this site and convince it...

Welcome to the Obfuscation Games!

Challenge: During a recent incident response investigation, we came across this suspicious command executed by an attacker, and we'd like you to analyze i...

Not So Itsy Bitsy Spider

Challenge: Recent reporting indicates that a prominent ransomware operator, known as WIZARD SPIDER, was able to deploy Ryuk ransomware in an environment w...

The Last Great ZIP File

Challenge: Help! I've created a zip archive that contains my favorite flag, but I forgot the password to it. Can you help me recover my flag back? You ...

[REDACTED]

Challenge: The CEO of Cyber Corp has strangely disappeared over the weekend. After looking more into his disappearance Local Police Department thinks he ...

Diving into the announcement

Challenge: Vulnerabilities are patched in software all the time, and for the most serious ones, researchers work to build proof-of-concept (POC) exploits ...

Publish3r

Challenge: We believe we found a malicious file on someone's workstation. Judging by looking at it, the file likely came from a phishing email. Anyways, w...

Open Thermal Exhaust Port

Challenge: Our TCP connect Nmap scan found some open ports it seems. We may only have a pcap of the traffic, but I'm sure that won't be a problem! Can you...

Complete Transparency

Challenge: At ICMP Industries, we recently created a new subdomain off of our company website. Since our new super secret project is still in development,...

Mystery C2

Challenge: Our threat intel team detected some malicious Command-and-Control traffic in our network. Can you identify what C2 framework the threat actor i...