mh's blog

PoliCTF 2015 ‘Trollface’ Writeup

| Comments

I think something is hidden here, something that may seem useless.
GPG key: yaxceburkaukvefinneuvUvjueknykfa

» file trollface
trollface: ELF 32-bit MSB executable, OpenRISC, version 1 (SYSV), statically linked, not stripped

OpenRISC, cool! It’s for an open source CPU! Let’s see where the flag is hidden…

PlaidCTF 2014 ‘__nightmares__’ (Pwnables 375) Writeup

| Comments

Another Python sandbox outbreak challenge… with a non-pythonic solution.

Challenge setup

The Plague is building an army of evil hackers, and they are starting off by teaching them python with this simple service. Maybe if you could get full access to this system, at, you would be able to find out more about The Plague’s evil plans.

We’re also given the source code of the server:

PlaidCTF 2014 ‘Parlor’ (Crypto 250) Writeup

| Comments

Parlor was a interesting and fun challenge for me at this year’s pCTF. Here’s my writeup, I hope you’ll find it interesting.

Challenge setup

The Plague is running a betting service to build up funds for his massive empire. Can you figure out a way to beat the house? The service is running at

At the time of writing, the server is still online, so if you’re lucky, you can still play (before or instead of reading this writeup).

The gambling game offered by the server seem quite similar to SatoshiDice: