https://systemoverlord.com/tags/writeups.htmlRecent content in Writeups on System OverlordHugoen-usdavid@systemoverlord.com (David Tomaschik)david@systemoverlord.com (David Tomaschik)Sat, 21 Apr 2018 00:00:00 +0000https://systemoverlord.com/2018/04/21/bsidessf-ctf-2018-coder-series-authors-pov.htmlSat, 21 Apr 2018 00:00:00 +0000david@systemoverlord.com (David Tomaschik)https://systemoverlord.com/2018/04/21/bsidessf-ctf-2018-coder-series-authors-pov.html<h2 id="introduction">Introduction</h2> <p>As the author of the &ldquo;coder&rdquo; series of challenges (Intel Coder, ARM Coder, Poly Coder, and OCD Coder) in the recent BSidesSF CTF, I wanted to share my perspective on the challenges. I can&rsquo;t tell if the challenges were uninteresting, too hard, or both, but they were solved by far fewer teams than I had expected. (And than we had rated the challenges for when scoring them.)</p> <p>The entire series of challenges were based on the premise &ldquo;give me your shellcode and I&rsquo;ll run it&rdquo;, but with some limitations. Rather than forcing players to find and exploit a vulnerability, we wanted to teach players about dealing with restricted environments like sandboxes, unusual architectures, and situations where your shellcode might be manipulated by the process before it runs.</p>