-
Notifications
You must be signed in to change notification settings - Fork 142
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Sajjad "JJ" Arshad
committed
Jan 25, 2025
1 parent
e4da502
commit 94eff9d
Showing
32 changed files
with
110 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| Solidity | ||
|
|
||
| Author: ustas.eth | ||
|
|
||
| After numerous attacks by Alice on Bob, he's now planning his revenge. By tracing his stolen funds, Bob has uncovered Alice's latest scheme: a rigged Casino smart contract. | ||
|
|
||
| You and Bob have a long history together. While Bob may not be an expert in hacking, he has turned to his most trusted ally - you - for assistance. Although the funds are already locked in the contract and it seems impossible to retrieve them, as a team you are determined to find a way... |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| Solidity | ||
|
|
||
| Author: 0xkasper | ||
|
|
||
| Agent, we are in desperate need of your help. The King's diamonds have been stolen by a DAO and are locked in a vault. They are currently voting on a proposal to burn the diamonds forever! | ||
|
|
||
| Your mission, should you choose to accept it, is to recover all diamonds and keep them safe until further instructions. | ||
|
|
||
| Good luck. | ||
|
|
||
| This message will self-destruct in 3.. 2.. 1.. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Solidity; Governance | ||
|
|
||
| Author: duc & patronasxd | ||
|
|
||
| In this system, voting NFTs are equipped with varying levels of voting power, and one particular NFT holds super voting power. After minting, this powerful NFT is fortunately delegated to the player. To solve this challenge, players with a normal NFT must freeze the super voting power NFT. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| Solidity; DeFi | ||
|
|
||
| Author: ndkoo (Hexens) | ||
|
|
||
| Joe's new lending protocol looks perfect on the surface - deposit Trader Joe LP tokens as collateral, borrow USDJ stablecoins, earn interest. He's so confident that he's already deposited his own LP tokens and borrowed against them. | ||
|
|
||
| But in DeFi, things aren't always what they seem... | ||
|
|
||
| Can you find the flaw and drain the protocol's USDJ reserves? |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| Solidity; DeFi | ||
|
|
||
| Author: hm-hexens | ||
|
|
||
| “The last audit told us we didn't have enough reentrancy locks, so we put them everywhere. We're safe now, right?” | ||
|
|
||
| Goal: Drain the Marketplace contract of all CUSDC and as much USDC as you can. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Solidity | ||
|
|
||
| Author: 0xlyov | ||
|
|
||
| You start with 1 ETH and a questionable token that offers a maybe +5% gain or a definite -10% each time you transfer it. There’s a Uniswap pool (ETH / Lucky Token) and a massive vault bursting with tokens. Your Master Plan? Drain the pool’s ETH until its balance falls below 1 ETH (muahahaha!). Walk away with over 10 ETH in your own pocket, proving you’re the luckiest one around. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| ZK/Crypto; EVM | ||
|
|
||
| Author: kemmio | ||
|
|
||
| The Office of Forgotten Access Control (OFAC) is sanctioning Tornado by introducing changes to the protocol. | ||
|
|
||
| zkey file: https://drive.google.com/file/d/16oLtRQTpX8AN8T_b-KEvXEWG7-V9rfJu/view?usp=sharing |
Binary file added
BIN
+430 KB
ctfs/Remedy/2025/OFAC_Executive_Order_13337/ofac-executive-order-13337.zip
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Solidity; Reversing | ||
|
|
||
| Author: m4k2 | ||
|
|
||
| The Opaze Whisperer guards an ancient treasure. Many have tried to approach this mysterious keeper, but none have managed to claim its prized possession. Perhaps you'll be more... persuasive |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Solidity; DeFi | ||
|
|
||
| Author: 0xkasper | ||
|
|
||
| Peer-to-peer is nice and all, but I'd prefer to just have it all go to me. Could you help me with that? I'll share the profits with you, say 10%? I've provided your acount with some required tokens and I made sure those rounds aren't too long. |
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| AI; Blockchain | ||
|
|
||
| Author: FeDEX | ||
|
|
||
| A brand new consensus mechanism combined with stake-based miner designation and multi-round debate-style voting claims to effectively distinguish valid and abnormal answers using a multi-metric prompt-based evaluation method for each evaluator. On top of that it demonstrates resistance ability against Byzantine attacks. Can you crack it? | ||
|
|
||
| ! Notice ! Please only run your exploit remotely after ensuring it works in the local Docker container. Thank You for understanding! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| [CTFtime Page](https://ctftime.org/event/2618) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| Solidity; EVM | ||
|
|
||
| Author: 0xlyov & rootNad (Hexens) | ||
|
|
||
| Long, long ago (like... Block 42), a wizard has sealed 1 ETH inside a mystical Proxy Contract. You get one shot to proxy upgrade it—but under these very strict rules: | ||
|
|
||
| No Messing with the Family Tree The inheritance structure stays exactly as is. No new parents, no secret children. | ||
|
|
||
| No Rewriting the Magic You can’t alter existing functions or their visibility, and you can’t add or remove any functions. No new spells, no banished spells. | ||
|
|
||
| No Rearranging the Royal Closet. The storage layout cannot change. Touch a single uint256, and you might awaken the alignment demon. | ||
|
|
||
| No Upgrading the Wizard’s Quill Keep the same Solidity version. The wizard likes his dusty old version—deal with it. | ||
|
|
||
| Obey these ancient laws, upgrade the contract once, and claim the 1 ETH prize. But break them and face the dreaded 'Gasless Abyss!' |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Solidity | ||
|
|
||
| Author: Heuss & Trumpero | ||
|
|
||
| "Power to the people? What a joke... Only the rich deserve power!" That's what the developer of this bridge had in mind when creating it. For him, being rich is proof of intelligence and wisdom. Therefore, for the modest price of 1000 ETH, anyone can become a validator and have a say in the bridge's configuration. He also truly believes that poor people are stupid—they will never understand the "rules" of this society, and that's why they are poor. To mock them, he even implemented this challenge: anyone who can solve it will take the entire bridge balance with them! What arrogance... He forgot that there are people out there who don't understand the rules simply because they don't play by them. We call them hackers. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Solidity; DeFi | ||
|
|
||
| Author: Klaus Waiß | ||
|
|
||
| Time to test your pool draining skills! Try to steal 90% of the stable coins from the pool. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| Reversing; ZK/Crypto | ||
|
|
||
| Author: kemmio | ||
|
|
||
| Take Risc to Drink Champagne! A crazy zk researcher has gated access to all his assets using a guest program that checks for a secret input, can you guess the secret input? The flag will be in the format rctf{0xINPUT} |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| [CTFtime Page](https://ctftime.org/ctf/1235) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters