Skip to content

karanlyons/stripe-CTF-solutions

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Stripe CTF Solutions

Just what it says on the tin.

What?

Stripe held a CTF challenge that ran for one week, February 22nd to the 29th. It was basically a series of pentests. These were my solutions to all of them.

Why?

For posterity, mostly. I had a lot of fun completing the challenge, and even made some friends along the way. Now that it’s over, sharing our solutions lets us all compare our methods and learn from one another. Also, brag a little bit.

How?

Each folder corresponds to a level. In the folders is the message of the day printed when you logged in, any associated files, a solution folder with the steps taken and code used to exploit the level, and an explanation of how the exploit was found and works.

To Do

  • Add an in depth explanation of how the magical solution to level04 works.

Credit Where It’s Due

A lot of the various improvements and implementations in level06’s timing attack, and the (forthcoming) explanation to the magical level04 solution are the result of my work with Thomas Hebb and Alex Yakoubian. We spent days bouncing off ideas to improve our timing attacks and stepping through level04 instruction by instruction to explain my magical solution. My work on the CTF would not be nearly as good without them.

About

Solutions to Stripe's CTF competition.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published