# STANDCON CTF 2021 ![](/files/PBu5Yym1Wb3To0HdIPfH) Here are the solutions to my challenges for the STANDCON CTF, hosted by N0H4TS on 25 July. It was my first time writing challenges for a CTF, so please feel free to let me know if you have any feedback! ## Web * [Space Station](/my-challenges/standcon-ctf-2021/space-station.md) * [Star Cereal](/my-challenges/standcon-ctf-2021/star-cereal.md) * [Star Cereal 2](/my-challenges/standcon-ctf-2021/star-cereal-2.md) Space Station was a relatively simple challenge, requiring participants to identify an LFI vulnerability in the PHP-Proxy library. Star Cereal and Star Cereal 2 proved to be the more challenging. Star Cereal required knowledge of PHP deserialization and object injection, while Star Cereal 2 required some creative thinking to piece clues together. Star Cereal 2 went unsolved until the last hour of the CTF when additional hints were released. ## Pwn * [Mission Control](/my-challenges/standcon-ctf-2021/mission-control.md) * [Rocket Science](/my-challenges/standcon-ctf-2021/rocket-science.md) * [Space University of Interior Design](/my-challenges/standcon-ctf-2021/space-university-of-interior-design.md) Mission Control was a relatively simple challenge, requiring participants to overwrite a global variable through a format string vulnerability. Space University of Interior Design was a rather fun challenge, requiring participants to escalate privileges through SUID and SUDO misconfigurations. Rocket Science proved to be the most challenging. This challenge required participants to find information on the lambdaJSON library, read the source code, and exploit it independently. ## Cryptography * [Rocket Ship Academy](/my-challenges/standcon-ctf-2021/rocket-ship-academy.md) * [Space Noise](/my-challenges/standcon-ctf-2021/space-noise.md) Rocket Ship Academy was a classic textbook RSA chosen-ciphertext attack. Space Noise was a little more challenging, requiring participants to find patterns in the given PCAP file, and infer that a covert channel was implemented using morse code. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ctf.zeyu2001.com/my-challenges/standcon-ctf-2021.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.