DHM 2025 - DotNett

One of the challenges of the second iteration of the German Hacking Championship was a web-based feedback form, written in C#. The service contained an internal class _Flag_ that we had to leak:

internal class _Flag_ {
    internal static string FLAG => "DHM{fake}";
}

[Read more]

DHM 2025 - Unauthentik

In the second iteration of the German Hacking Championship, one of the challenges consisted of a misconfigured Authentik instance. Authentik is a self-hosted, open-source identity provider. The challenge provided us with a blueprint.yaml file, a template that can automate Authentik configurations and manage user-interaction flows.

[Read more]

FAUST CTF 2025 - cake-configurator

This is a writeup I wrote together with Lorenz, first published on saarsec.

Overview

cake-configurator is a COBOL-based TCP service that allows users to configure and order cakes and track their orders conveniently in the terminal. Connecting via socat yields a user interface that prompts us to either register or log in.

[Read more]

DHM 2024 - Time

In the first iteration of the German Hacking Championship, we were given a linear-feedback shift register (LFSR) over a Galois field with two elements. In this writeup, I want to explain what an LFSR does and how we can solve this challenge using linear algebra.

[Read more]