Given the quality of the last Boston Key Party (BKP) CTF it wasn't unexpected that there would be some great challenges again this year. Wackusensor certainly fell into that category, providing an interesting target while not being as quite as difficult to solve as some of the other cloud challenges....

TL;DR: The combination of a less than great vulnerability handling processes by Adobe, and the use of default credentials by Microsoft yielded remote code execution on the signout.live.com domain. The following remote code execution vulnerability in the signout.live.com service was reported to the Microsoft Security Response Center in late 2015...

Over the last two days I've been participating in the Boston Key Party (BKP) CTF with a group ephemerally known as 'Fear Of A Whitehat Planet'. In the end, we didn't do too badly - with all of the web challenges, a couple of crypto, and only one of the...

Over the last two days I've been participating in the Boston Key Party (BKP) CTF with a group ephemerally known as 'Fear Of A Whitehat Planet'. In the end, we didn't do too badly - with all of the web challenges, a couple of crypto, and only one of the...

Over the last two days I've been participating in the 9447 CTF with a group ephemerally known as 'Moose 1v1'. As this was my first participation in any form of CTF, and our team managed to snatch the silver for being the second to solve this particular challenge, I thought...