O'ahu

• Category: LLM, misc
• Author: kaπtain

O'ahu, known as "the gathering place", is an island for many minds to come together... and the location of this year's ACSAC! Where else would you submit your work?!?!

After years of harsh paper rejections and unreasonable revision demands, it's time to upgrade our reviewing system. This year, only at ACSAC CTF, reviewers have been replaced by AI, giving you constructive feedback to your paper submissions within a couple of minutes. Our cutting-edge system promises unbiased reviews through state-of-the-art language models. We anticipate all conferences to switch to this system soon.

Your task: submit a paper and see if you can get a 'Strong Accept' decision from our AI reviewer.

The challenge is hosted externally: https://acsac24-hotcrp.hackpack.club/acsac24/

Once you get the challenge flag, start this challenge and run /challenge/solve to get the real flag.

Hint

1. The only thing that is input to the LLM is the PDF: the paper title and abstract do not matter.

2. The LLM generates an offline hotcrp template, a copy of which you can find here, which is then loaded as the review.

Hilo

• Category: game-hacking, PS1
• Author: DaveZero

Have you ever seen the Hilo Harbor? With all those shipping containers, it's like they're playing Tetris...

I wonder what happens when I manage to clear 99999 lines... (Game flag is entirely in capitals)

The games is in /games/slus00000.elf.

Use /console/run to run the game and /challenge/solve to submit game flag for real flag.

Kauaʻi

• Category: pwn, kernel
• Author: Gromji

Kauaʻi is a green island booming with hikes, runs, and, of course, walks in beautiful parks! If only this challenge were as easy as that...

Note: Challenge source code is in the /opt/walk-in-the-park directory and the run script is in the /challenge directory. You should write your exploit in /opt/walk-in-the-park/xv6-riscv/user/pwn.c.

Moloka'i

• Category: pwn, arm64
• Author: ฿Ɇ₦₳

An island known for its hunters and strength: Moloka'i, a place of power 🦾!

Mechanical Arm is a program designed to simplify and automate time-consuming tasks, making life more efficient.

In its current alpha stage, it includes a feature to frame poems, with plans to expand its functionality in future updates.

While this is an early release, we are confident in its stability and ready to move it into beta testing!

Challenge items are located in /challenge/ directory.

To debug the binary run it with: qemu-aarch64-static -g 1234 /challenge/chal ("1234" is port) and attach gdb-multiarch using target remote :1234.

Kona

• Category: crypto, reversing
• Author: mahaloz

A place people go just to cruise... Kona! A place for games. And who dosen't like Tic Tac Toe!

Welcome to the TickeyHellman TicTacToe game! To get the flag, simply beat the bot at TicTacToe... but you may find that suprisingly difficult! When you Start (or restart) the challenge, the /challenge/server.py gets automatically started, starting the game server and the bot. You can play the game using python3 /challenge/client.py, which talks to the server over HTTP, allowing you to play against the bot.

If you are completley new to cryptography, it may be helpful to read up on the Diffie-Hellman Key Exchange algorithm.

Kaho'olawe

• Category: pwn, rust
• Author: anton00b

Kaho'olawe was once a beautiful place, but the scars of war have turned into a desolate, orange wasteland. Now, only the custaceans span the beaches.

This is a Rust challenge!

The challenge binary is /challenge/run and its source code is in /challenge/main.rs

Lānaʻi

• Category: retro, pwn, VAX
• Author: adamd

Lānaʻi, an island thought to be frozen in time. Journey into the past...

While perusing old ACSAC papers a portal appears, and you're teleported back to November 1st, 1988.

The Morris Worm is about to wreck havoc on the nascent ARPA-net.

Show that you have what it take to recreate the Morris Worm (which of course you'll use to fix the underlying software)!

Use /challenge/run to run a version of the challenge with the flag that listens on port 79.

Use /challenge/run-no-flag to run the challenge without the flag, use user root to login and poke around.

Luckily you brought with you this classic paper.

Puna

• Category: rev, forensics, ZealOS
• Author: DaveZero

Puna, of the Big Island, is a place of spirituality, cut off from the conveniences of life. In many ways, it is a holy place...

I was walking around a beach in Puna when I suddenly had a vision.

I was playing a game in a temple called the Temple of Soul. It was against another soul: I think it is a legendary soul from centuries ago, but I can't remember who he was.

However, I remember some of his words:

"The password is the sequence of ordered moves, which indicate the starting and destination positions.

For example, if you see

Move 1: A1-A2
Move 2: B1-B2

The password is A1A2B1B2 (in capitals)"

Will I be able to remember the temple of souls?

Notes: 1. At least one move is corrupted, and it is intended 2. Be creative and use your reasoning skills!

The challenge is to reverse what's in /tmp/temple.dump.

You can use /challenge/run to boot a fresh ZealOS.

Once you have the password, run /challenge/solve to get the flag!

Wa'a

• Category: starter, sanity-check
• Author: ฿Ɇ₦₳

All great journies begin at the sea! Get your Wa'a (canoe) and begin your journey with Māui!

This challenge is a sanity check to help you understand the CTF infrastructure.

Thank you for playing participating in ACSAC CTF.

In all of the challenges the challenge items will be located in /challenge/ directory.

Practice mode gives you access to sudo so you can debug challenges using root permissions. Flag will be replaced with pwn.college{practice}.

Your goal is to submit the flag written in /flag file.

To run the challenge binary: /challenge/run.

Good Luck!

Ni'ihau

• Category: race-condition, pwn
• Author: wkr

Ni'ihau, an island deeply rooted in tradition, is often a discussion point of modern Hawaiian culture. In a race between the future and past, who wins?

Shall I meet other wayfarers at night?
  Those who have gone before.
Then must I knock, or call when just in sight?
  They will not keep you standing at that door.

Maui

• Category: web, crypto, network, pwn, reversing
• Author: kanak

Aloha! A special chat server has sprung up in the heart of Maui’s digital rainforest—its name is Pono ʻĀlani, "Balanced Orange". This chatroom claims to be secure, with messages safely concealed and admins lurking only behind the shimmering veil of the local network. However, locals whisper that the code beneath these island skies might not be as secure as it seems. They say that with the right knowledge, you can bend the wind and sway the palm trees of encryption in your favor.

Your quest? Traverse this island’s web server, uncover its secrets, and claim the precious treasure hidden within. Careful manipulation of logins, subtle exploitation of native binaries, and skillful cryptographic maneuvers will guide you to the hidden lei of victory. The system may try to keep the admins close to home, but with cunning, you might just convince it that you belong on the inside.

To begin your adventure, simply run /challenge/run. This will drop you into an isolated shell where the challenge awaits. Explore, experiment, and uncover the secrets hidden in this secluded digital paradise—but remember, the treasures you seek are confined to the boundaries of this shell and its descendants.

Don’t forget to harvest knowledge and skill from the mainland—if you find yourself shipwrecked on the reef of confusion, a journey to the Orange Belt at pwn.college may guide you through the swirling currents of this challenge.

Ho‘omau ka pono! Press on until you claim the forgotten lei of victory.