RITSEC18 The tangled web
· ☕ 1 min read
wget -r fun.ritsec.club:8007 You may find the file Fl4gggg1337.html is referenced or has already been download. The flag wasn’t there, but it has link to Stars.html. Fetch that file, the base64 encoded string is the flag for this challenge.

RITSEC18 Yet another HR Management Framework
· ☕ 2 min read
By judging the program’s interface, we know that it was a heap challenge. Spent quite a lot of time reversing it, I figured it out that it malloc a few bytes for the person struct on the heap, then the name will be malloc with the size entered and that address will be put in the person struct.

· ☕ 2 min read
babyOVERFLOW Exploit Tên file bài này gợi ý rất nhiều. “baby” thường được dùng trong CTF chỉ những bài đơn giản dành cho người mới “OVERFLOW” ở đây thì chỉ đến stack buffer overflow. Chạy nó, nhập vào thì nó in ra lại đúng như thế.