๐ฅณ x3CTF (feat. mvm)
announcements
1
7
1
10
3 7
7
4
2
2
2
1
2
1
2
as with all the prizes, this thing will come loaded up with music, videos, and other fun stuff for you to discover!
it will also be signed, but only after the ctf is over (so that we can write ur placement and stuff on it as a trophy)
25 11
8
5
9
5
2
1
1
as with all the prizes, this thing will come loaded up with music, videos, and other fun stuff for you to discover!
it will also be signed, but only after the ctf is over (so that we can write ur placement and stuff on it as a trophy) 
Well anyway, more effort went into this than I spent on challs so far 
but you already know I'm just the silly lttle sidekick here that absolutely would've run infra if we didn't get anyone else just for that
xoxo 1
this prize is an iPhone 6 that just looks neat!
it's probably the most boring prize out of the bunch since it doesn't have anything too special on it, but it still has all the music and video goodies you'd expect :3
and will be signed once the winners are decided, of course!
stay tuned for a more interesting prize drop tomorrow :P
11 6 7
1
2
2
2
2
2
2 2
3 2 19 7 4 4
4
4 1
alrightie @everyone! day 3 (of 5) prize announcement!
drumroll... we've got an iPod Touch (4th generation)!
of course we had to load this iPod up with all the music goodies because, well, it is an iPod!
but unfortunately, unlike the other prizes, we couldn't fit the video content on it, we ran out of space... 
but, teehee, there's a very good reason for that! 
this iPod has over 80 classic apps on it for you to play around with!
which ones? well, you can have a lil peek right now 
, but you'll have to win it to see the rest!
next prize drop tomorrow!
10
11
3
2
3 1
1
1 3
3
1
1
2 1
1 8
7 7 8
1 4
8
5
1 10 2
6
-# (anypony wanna be the 100th? https://ctftime.org/event/2467)
7
2
hi @everyone! time for our final, day 5 (of 5) prize announcement!
and this prize is an... iBook Pro!
no, just kidding! 
it's an iPad 2 inside of a case that looks like an actual book! 
this time we even had the space to load up all of the goodies you'd expect,
but just like the iPod, it's absolutely packed with apps! 
the same ones as the iPod? of course not! 
the 100 apps on this iPad are iPad apps entirely different from the ones on the iPod, so there's even more fun stuff to explore here
it's also been jailbroken and themed to look cool as fuck! 
and even though it supports iOS 9, we've upgraded it to iOS 6 
alrightie, see you for the countdown () 
18 2 11
7 2
1
if you don't wanna listen to 10 minutes of music, you can join later too, but you should still be there a minute before the start just so you can get a part of the experience :P
you can chat in #general or join the https://discord.com/channels/977222226631880777/977222227269419052 if you'd like (100% optional)
so tl;dr:
# go to https://x3c.tf and join the countdown at least a minute early! 
3
1 1
1
1 1
1 1 2 3 7 2 
2 4
6
1
remember how i said there would be a prize announcement every day until the ctf?
well, surprise!! there's (at least) one more! 
that's right, we're doing writeups and the best one gets their very own blåhaj!!! 
the writeup can be a markdown file, a blog post, a youtube video, or whatever other format you think would be neat! 
the exact info and rules around writeups will be announced later (we're thinking of having a deadline a week after ctf, but that's tbd) 
okay keep playing 
(
14 9
7
1 2 2
3 1 station :lyrathumbsup:
time to pwn them crypto challs :arizonaheadbang:
-# note: the rev challenge isn't in mvm
(shoutouts to: xtea418, alex_hcsc, 7o1, pwnpope, fabi07, coderion)
@everyone 15rubiks-dsa was updated to include permutation.txt. 2 1
Wave 2 begins
introducting, 2 new pwns, 4 new cryptos, 1 new rev, and 1 new misc!!
find them at your nearest station 
time to pwn them crypto challs 
-# note: the rev challenge isn't in mvm
(shoutouts to: xtea418, alex_hcsc, 7o1, pwnpope, fabi07, coderion) 1secure-sandbox fixed. 1secure-sandbox fixed. Everything should work now, please open a ticket if this isn't the case. 1
remember how i said there would be a prize announcement every day until the ctf?
well, surprise!! there's (at least) one more!
that's right, we're doing writeups and the best one gets their very own blåhaj!!!
the writeup can be a markdown file, a blog post, a youtube video, or whatever other format you think would be neat!
the exact info and rules around writeups will be announced later (we're thinking of having a deadline a week after ctf, but that's tbd)
okay keep playing (
1
1much-vulnerable-machine-2 and 3 work. 1 1secure-sandbox is fixed and should work now! 28
18 9
4
the first 15 minutes will be just music (with some fun surprises) to give y'all time to go grab a drink and stretch hooves or whatever
and then, at , there will be a fun little awards ceremony, so be sure to be there by then :3
-# (the party is at x3c.tf, but you can also join the https://discord.com/channels/977222226631880777/977222227269419052)
# 9 9 5 4 6 6 5 9
1
1 24 5
2
.+\{.+\}).
Some of you got lost on the way, and submitted flags of other ctfs. We have identified at least:
1337UP{}, INTIGRITI{})DUCTF{})GCTF{}, gctf{})TechnexCTF{})hxp{})rctf{})shc2024{})picoCTF{})openECSC{}, ECSC{})pdx{})tctf{})flagbot{})IWCON{})flag{})x3c\{(.*|cleanup_is_broken|n0w_l3ts_s3e_1f_its_s3cure|gdb_1s_4ctuall1_us3ful|a_m1llion_trie5_is_e4sily_doabl3|y0u_see_th4t_w4s_3asy|how_d1d_y0u_h4ck_m3)\}MVM{[REDACTED]}MVM{ThisIsObviouslyNotSafe}x3c{;@<L\<l,XzRx"zRx$FJw?;*3$"D\h.(pABA BA(ABA BAzPLRx4$e+ABB B(B0A8D@9}x3c{<content>}x3c{<flag_value>}x3c{Flag{this_is_not_the_flag}}x3c{^_-}x3c{fakersflag}x3c{flag}x3c{i think wrong flag}x3c{real_flag}x3c{rebane2024}x3c{th3r3_4re_[N]_MVMs_1n_my_c3rtif1cat3_[MD2(N)]}x3c{this_is_a_sample_flag}x3c{this_is_not_the_flag}x3c{this_is_the_final_flag}x3c{x3c{x3c{th3r3_4re_2_MVMs_1n_my_c3rtif1cat3_ef39fbf69170b58787ce4e574db9d842}}}x3c{x3c{x3c{x3c{th3r3_4re_3_MVMs_1n_my_c3rtif1cat3_3ab1faad513e753501264a716622ba06}}}}x3c{x3c{x3c{x3c{x3c{th3r3_4re_4_MVMs_1n_my_c3rtif1cat3_45992a02f948fe230c3265ae8175b91b}}}}}x3c{x3c{x3c{x3c{x3c{x3c{th3r3_4re_5_MVMs_1n_my_c3rtif1cat3_ed692e027c43c5f0f87039052e702a0b}}}}}} 31 15 7 3 11
3 5.+\{.+\}).
Some of you got lost on the way, and submitted flags of other ctfs. We have identified at least:
1337UP{}, INTIGRITI{})DUCTF{})GCTF{}, gctf{})TechnexCTF{})hxp{})rctf{})shc2024{})picoCTF{})openECSC{}, ECSC{})pdx{})tctf{})flagbot{})IWCON{})flag{})x3c\{(.*|cleanup_is_broken|n0w_l3ts_s3e_1f_its_s3cure|gdb_1s_4ctuall1_us3ful|a_m1llion_trie5_is_e4sily_doabl3|y0u_see_th4t_w4s_3asy|how_d1d_y0u_h4ck_m3)\}MVM{[REDACTED]}MVM{ThisIsObviouslyNotSafe}x3c{;@<L\<l,XzRx"zRx$FJw?;*3$"D\h.(pABA BA(ABA BAzPLRx4$e+ABB B(B0A8D@9}x3c{<content>}x3c{<flag_value>}x3c{Flag{this_is_not_the_flag}}x3c{^_-}x3c{fakersflag}x3c{flag}x3c{i think wrong flag}x3c{real_flag}x3c{rebane2024}x3c{th3r3_4re_[N]_MVMs_1n_my_c3rtif1cat3_[MD2(N)]}x3c{this_is_a_sample_flag}x3c{this_is_not_the_flag}x3c{this_is_the_final_flag}x3c{x3c{x3c{th3r3_4re_2_MVMs_1n_my_c3rtif1cat3_ef39fbf69170b58787ce4e574db9d842}}}x3c{x3c{x3c{x3c{th3r3_4re_3_MVMs_1n_my_c3rtif1cat3_3ab1faad513e753501264a716622ba06}}}}x3c{x3c{x3c{x3c{x3c{th3r3_4re_4_MVMs_1n_my_c3rtif1cat3_45992a02f948fe230c3265ae8175b91b}}}}}x3c{x3c{x3c{x3c{x3c{x3c{th3r3_4re_5_MVMs_1n_my_c3rtif1cat3_ed692e027c43c5f0f87039052e702a0b}}}}}} 3
6
1first ever x3ctf flag
- how to solve ctf challenges
- x3ctf 2023
- what is mvm
23 18 5 5 5 3
22 10
6
5
2
2
1 
but maybe we should do these discussion in encrypted staff chat 5) 3 5
8
8
so without further awoo, the first place award goes to...
love all the eyecandy and the interactive widgets
you're going home with a brand new blahaj!! 
-# ใฐ๏ธใฐ๏ธใฐ๏ธ
but uh... we still don't know what to do with the windows phone we have so uh...
the second place award goes to...
yep, you're getting a windows phone!
hope you find a use for it (because we didn't) 
-# ใฐ๏ธใฐ๏ธใฐ๏ธ
here are the rest of the submissions, they're all awesome!
-# blogdog (+ new CSS Injection XS-Leak!) by Jorian Woltjer
-# MVMCheckers Inc writeup by Oshawk
-# blogdog(web) Write up by ensy
-# Curved MVM writeup by Kesero
-# MVM writeup by hivesec
-# various writeups by William Lin
-# oh-my-writeup by pingotux
-# Submission video walkthrough by ZeroDay Gym
-# Submission video walkthrough by SloppyJoePirates
-# MVMCheckers Inc writeup by siunam321
-# writeups listed in a random order, some of these were not submitted but we added them to the list anyways
of course, the official solutions to all challenges can be found on our github 
12 4
this means you can reexperience the experiences as if it were live!
you'll have all the chat messages and mouse cursor shenanigans from the exact moments it all went down 
and you can also just skip straight to your favorite parts, should you prefer to 
but you can also revisit the platform with historic data and emulations of authentication and flag submissions! 
you can log in as any user, so if you want to see what what the platform looked like for the 1st place winners then go do it girl! 
the instance launching thing, while not launching actual instances anymore, is still visually functional just for the eyecandy alone, and now links to the github repos of each chall 
the handouts are of course all still downloadable, if you missed some earlier you can still get them now ^_-
and flag submissions do work! your solves even end up on the scoreboard (although not persistently) 
๏ธโโง๏ธ
we even went the extra mile and re-implemented the 10 submissions a minute rate-limit for ppl who into that kind of stuff 
all of this archived stuff runs client-side, so you can feel free to clone the repo and save a local copy for yourself 
31