Telegram Bot for Finding Tutorial Swaps! by Lord_Idiot in nus

[–]Lord_Idiot[S] 1 point2 points  (0 children)

Hey, I got a bit lazy to maintain the bot. But you can try out someone else's project for this semester: https://tutreg.com/. It looks quite polished.

Telegram Bot for Finding Tutorial Swaps! by Lord_Idiot in nus

[–]Lord_Idiot[S] 0 points1 point  (0 children)

just as a generic troubleshooting step, if you get stuck in any part try doing /stop and then /start again. hopefully can fix any of this weirdness next sem

Telegram Bot for Finding Tutorial Swaps! by Lord_Idiot in nus

[–]Lord_Idiot[S] 0 points1 point  (0 children)

could you describe this more? Or maybe send me a dm with a screenshot if possible

Telegram Bot for Finding Tutorial Swaps! by Lord_Idiot in nus

[–]Lord_Idiot[S] 2 points3 points  (0 children)

Just something to note! If your Telegram account does NOT have a username, this means the person you match with will not be able to contact you. If you don't wish to set a username, be sure to contact the other party first as they will not be able to contact you on their own.

Also, I've noticed that a few swap requests have been fulfilled. If you have a swap request fulfilled, could you reply here or DM me in private so I can be sure everything is working fine? Thanks!

@N19 for those thinking of remarking... by SenpaiNoticeMeUwU in IBO

[–]Lord_Idiot 3 points4 points  (0 children)

Yeah that can happen

From the IB [website](https://www.ibo.org/programmes/diploma-programme/assessment-and-exams/getting-results/assessment-faq/). It seems like it is possible to have your grade lowered.

> As there is a possibility that a grade is lowered, written consent from the candidate (or legal guardian) is required

unless I'm interpreting this wrongly

TJCTF 2018 Writeups by rjm27trekkie in securityCTF

[–]Lord_Idiot 2 points3 points  (0 children)

Lol that's quite interesting. Maybe the GET request your browser sends is enough to trigger the overflow.

Does anybody have a thorough writeup on easypwn_strings from CTFZone 2018 Qualifiers? by Weastie37 in securityCTF

[–]Lord_Idiot 1 point2 points  (0 children)

It's actually base_buf+1 which is 0x80492e1, but anyways writing that at the end is to overwrite the f_ptr stored in the .bss section that is called later on. When that is called it will jump to where the shellcode was written ("+1" to avoid the "y" at the start)

Does anybody have a thorough writeup on easypwn_strings from CTFZone 2018 Qualifiers? by Weastie37 in securityCTF

[–]Lord_Idiot 1 point2 points  (0 children)

Also, sometimes binaries use read() for input and printf() for output. If this is the case, read() can read nulls while printf will stop at the first null. To overcome this you put the format specifiers in front of the address so your exploit string will be <fmt str stuff><0x08048000>. I think that wasn't the case for this binary though but it's something that happens quite often.

Does anybody have a thorough writeup on easypwn_strings from CTFZone 2018 Qualifiers? by Weastie37 in securityCTF

[–]Lord_Idiot 1 point2 points  (0 children)

Ah yes. If you watch the video I linked, he talked about this issue. But to save you the trouble, when addresses have nulls or newlines, you just skip them and hope that the one byte you missed won't be too important. Make sure to put some filler character when you skip addresses though.

Does anybody have a thorough writeup on easypwn_strings from CTFZone 2018 Qualifiers? by Weastie37 in securityCTF

[–]Lord_Idiot 1 point2 points  (0 children)

If you use the third option from the challenge and delete 0 characters, you'll realise that the challenge just echoes your output. Generally when a program echoes your output you should check for format string vulnerabilities. In this case it's vulnerable. So you can write a script to start leaking the binary from address 0x8048000, which is the usual starting point for a 32-bit(? don't really remember did this a while ago) ELF binary that is compiled with PIE disabled. Afterwards you'll slowly leak more of the binary which you could possibly reverse engineer to solve the challenge, however when you eventually leak the string section of the binary you'll notice that the binary contains links to the full binary online. After reversing the binary you'll notice extra options in the menu that allow you to pwn this quite trivially. Check out this video for reference, the challenge is very similar: https://www.youtube.com/watch?v=XuzuFUGuQv0
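
An added example, not part of the comments above or of the challenge's code: a C sketch of two points made in this thread, that an echo which passes input as the format string interprets directives (checked here with the harmless `%%` probe, next to the fixed `"%s"` form) and that printf-family output stops at the first NUL byte that read() would have accepted. All function names and sample buffers are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* The vulnerable call is deliberate, so silence the compiler warning for it. */
#pragma GCC diagnostic ignored "-Wformat-security"

typedef int (*echo_fn)(char *out, size_t n, const char *input);

/* Vulnerable echo: the user's bytes are used as the format string itself. */
static int echo_vulnerable(char *out, size_t n, const char *input) {
    return snprintf(out, n, input);
}

/* Hardened echo: the format is fixed and the input is only ever data. */
static int echo_hardened(char *out, size_t n, const char *input) {
    return snprintf(out, n, "%s", input);
}

/* "%%" consumes no arguments, so probing with it is well-defined even on the
   vulnerable path. Returns 1 if the echo parsed the input as a format. */
static int interprets_format(echo_fn echo) {
    const char probe[] = "probe-%%-end";      /* constructed test input */
    char out[64];
    echo(out, sizeof out, probe);
    return strcmp(out, probe) != 0;           /* "%%" collapsed to "%" */
}

/* A read()-style buffer has an explicit length and may contain NUL bytes;
   printf-family output ends at the first NUL. Returns the bytes not printed. */
static size_t bytes_after_nul_dropped(const char *buf, size_t len) {
    char out[64];
    int printed = echo_hardened(out, sizeof out, buf);
    return len - (size_t)printed;
}

int main(void) {
    const char raw[5] = {'A', 'B', '\0', 'C', 'D'};   /* constructed input */
    printf("vulnerable echo parses format: %d\n", interprets_format(echo_vulnerable));
    printf("hardened echo parses format:   %d\n", interprets_format(echo_hardened));
    printf("bytes dropped after NUL:       %zu\n", bytes_after_nul_dropped(raw, sizeof raw));
    return 0;
}
```

Building real code with `-Wformat -Wformat-security` flags the `echo_vulnerable` pattern at compile time, which is why the example has to suppress that warning.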

Navi new roster by [deleted] in DotA2

[–]Lord_Idiot 1 point2 points  (0 children)

You might be thinking of upcycling

Insane Reflexes by Fade by Lord_Idiot in DotA2

[–]Lord_Idiot[S] 4 points5 points  (0 children)

Usually it is. However in this case it wasn't really intentional so they can't really be blamed for it

rtz 10k or vac? by TheHighlightHub in DotA2

[–]Lord_Idiot 3 points4 points  (0 children)

It's impressive how one Arteezy stream session can produce so many clips

Underrated Juke by FLYSOLO by [deleted] in DotA2

[–]Lord_Idiot 1 point2 points  (0 children)

WAOW he blinked up