saarCTF 2023

Services from saarCTF 2023.

Building services

Enter a service directory and use docker-compose, e.g.:

cd pasteable
docker-compose up --build -d

Running checkers

Every service comes with a checkers directory, which contains a python-script named after the service. Running this script should place three flags in the service and try to retrieve them subsequently. Caveat: Make sure the gamelib is in the PYTHONPATH, e.g.:

PYTHONPATH=.. python3 bytewarden.py [<ip>]

Checkers require a Redis instance to store information between ticks. If you don't have redis installed locally, use the environment variables REDIS_HOST and REDIS_DB to configure one.

Flag IDs and exploits

The script get_flag_ids.py prints you the flag ids used to store the demo flags.

Each service comes with demo exploits to show the vulnerability. To run an exploit: python3 exploit_file.py <ip> [<flag-id>]

Services

• Django Bells | Writeup
• German Telework | Writeup
• Pasteable | Writeup
• RedisBBQ | Service Explanation
• SaaSSaaSSaaSSaaS | Writeup
• TuringMachines | Exploit Walkthrough