Josh Steffen
Computers or whatever

hxp 38C3 CTF: Ser Szwajcarski 🧀

Mar 2, 2025 Binary Exploitation CTF

Ser Szwajcarski 🧀 was a challenge in hxp 38C3 CTF. The goal was to find and exploit a zero- or n-day vulnerability in ToaruOS. ToaruOS is a hobby operating system and is intended as an educational resource rather than a fully-fledged OS for everyday use, so security is not a primary consideration and there are plenty of vulnerabilities to be found. On top of that, the version in use, 2.2.0, was already over a year old at the time. For these reasons the challenge was in the “baby” category with an estimated difficulty of easy. Despite that, it’s a really cool OS and the challenge was a lot of fun, so I’m writing about it anyway.


Hack The Vote 2024: weechal

Nov 10, 2024 Binary Exploitation CTF

Weechal was a binary exploitation challenge in Hack The Vote 2024, an election-themed computer security Capture the Flag (CTF) competition run by RPISEC.

I competed under the team name “worst” along with my friend Krishna and managed to solve this challenge on day two of the event. We were the second of five teams to solve it, missing first blood by a few hours.

Challenge

The challenge was a modified build of version 3.4 of the WeeChat IRC client that was running as a relay server using WeeChat’s own protocol, which is described by the user manual as being “used by remote interfaces to display and interact with WeeChat.” The exact commands used to launch the challenge have us communicate with the relay through a Unix domain socket and set “ctf” as the password needed to connect.
