#general

dice{c

😮

😮

new character drops every hour

stay tuned

demote rob for leeks

:(

flag oracle

🔨

dice{ie

dice{b

dice{🅱️

poortho forensics as a service pwn

may or may not be fake leeks

what the hell

no leeeeeks

._.

smh

i just typed a random char

idt either of my flags

start w/ that

leak!

One of my flags start with dice{

o same

now we know what the flag isnt

ends with }

That's too much of a leek

inb4 the flags dont start with dice{

can we dq hk

dice{[a-z0-9_]*}

leaked flag format

do we have flag format

yes!

#rules

.*

... isn't regex smh

😦

how will they know what chars to sidechannel

for the hardware sidechannel pwn

we have a regex but i think regex flag formats are confusing

at least give us it

for beginners at least

regex pwn

o true

just like

have it at the bottom

behind a no beginner barrier

hii hk

u can check if flag is suitable in online tools

wow

hype

isnt this ctf gonna be confusing for beginners anyways?

this is good

lol

https://gnk.io/flag-checker

wtf

we're writing beginner challs rn lmao

so there will be some beginner stuff

wow last minute smh

good to see you are prepared

:D

added regex to #rules

thats a fat regex

poortho rust pwn

wat?

rust 0day this time

u rite

im dropping a rust 0day

tfw hk haxored the infra already

hk too stronk

😦

redpwn infra 0day

:leek:

ono

⭐

@meager wadi 😏

perfect infrastructure

@arctic gyro ayo they're not supposed to know

oops

don't mess it up lol

Me when someone ask am i good with computers

@neon matrix Thats funny yes.... say yes

(funny ? 'yes' : 'no')

yes

I'm just a funny gangsta ig

they don't call me Mr dolphin for no reason

I earned it from making dolphins laugh

https://tenor.com/view/kukek-gif-20127717

!flag

😔

are there golf challs?

i'm ready

🤔

🤠

you'll need to golf the shellcoding

⭐ perfect organization

gotta prepare my ASSINT capabilities

I'm a pushover but my challenges are easy

jyu im muting u in advance

🙂

maybe I should just preemptively block jyu

uwu

pssst

you should make #guess

😦

ginkoid threatened me 😔

he has my parents

at least change the channel topic

he has is my parents

Hello, is it starting February 6 00:00 UTC or February 6 00:00 UTC+1 ?

it is starting in 1 hour

*2 hours

typo

please refer to the timer on the site

https://ctf.dicega.ng

i should register

Okay, because in the rules, it's written February 6 00:00 UTC

don't

I need a higher chance of winning WWW

0 UTC is what the timer is counting down to

i was gonna play alone but then i talked some friends into playing

so i gotta reregister

wut just give them your team token

no

it wasnt under the name we play as

or an acceptable email

you can change both your name and email

oh well, too late

I will have to ban you now as making multiple teams is strictly against the rules

am i allowed to play on more than one team?

oh

if you don't use a team

having multiple teams is fine

if you have points on two teams

that is

ok

very e-legal

how about i legal you

where's all the fun guessing challenges

you have to guess

where they are

I wanna bang my head against a wall guessing cookie names and private keys

to find them

every challenge is just guess the flag

🙄

ah yeah

imagine actually doing the challenges

just like real pentesting is guess the root password

this text hurts my brain

why is it rainbow

it isn't for me?

stop using netscape

https://ginkoid.is-inside.me/7lnPKcsk.png

?

huh ig it's a firefox thing

doesn't happen on chromium

wacky

looks the same in ff? https://ginkoid.is-inside.me/S2HCpRHL.png

wait wtmoo

it does look a little strange in the screenshot

idk

the text is smaller

every 10 minutes, that's pretty often

i think it fucks up on my monitor bc the resolution is gamer mode

yea probably

Which monitor? my gamer mode recently had weird problems too

not actually gamer mode 😢 it's just 1440p

Oh, mine did some weird things with images displayed in discord

https://en.wikipedia.org/wiki/Subpixel_rendering

@harsh abyss prize for first blood on sanity check?

not that i know of

my love and affection, if that means anything

let's goooooooo

:0

Wait is it started?

gonna tell this to rak

starts in 1 hour

timezones smh my head

what?

Coolioso, CactusCon should be doneby then

omg

the ultimate prize

Would not recommend two ctfs in 24 hours

oof, this sanity check is so hard

😔 ✊

if the countdown on the homepage doesn't say 58 mins left then you found a bug

Sin.

pepega

omg it's 00:00 in my country

wait

i want your love and affection

Hey guys ! Does anyone know what are those "divisions" about ?

brownie come back

rctf feature that we're not using

just register under "open"

I don't really have a choice 🙂

hey drakon

indeed you don't

hey brownie <3

thanks @uneven pendant

lol

hahahaahahah

i was ready to start

monka

👀

what happens if you go to time.is

rctf broken?

rctf uses browser time apis

so uh

why

I would think your browser has timezones messed up

to convert start time to your timezone

evidently it's not working

nop i think it's my country time

does https://time.is say your time is correct or no

okey wait

look

no on the root of time.is it checks if your browser's clock is synchronized

anyone know if the challenges are gonna be made open source post CTF or are they gonna be reused or smthn

are you in UTC+1

i will open source mine at least

i think

same, I assume most will be released

nice, do you need any challenges btw? i make a lot and i have some unused dockerised challanges that you might wanna use

dont even have to give me credit just tyhuoght maybe someone could put em to use

dw if not lmao

||

wtf dunfed

@worn karma Not our time zone

N3ass db xD

yea sure, mind if i DM you some stuff later? any categories you need more in?

they wouldnt let me

take them

😦

ah right right

dw lol

that's right dunfed

We really need osint

Help

monka

o ok

find my address

up to each challenge author, but most will be

🙃

epic

anyways hope everyone enjoys it! :)

enjoyment and ctf do not belong in the same sentence

pls add steg

🙏

lmao

hhhhhhhhh awdi mabghytch nb9a talsba7

how do you know I didn't already

what do you think the server icon changes were about

maybe good steg challenge, question mark?

HHHH same

safe ml3ouba

ki lw7da ki tnash

ez

soon.

i hope web challenges don't rape me

intended to be hard level challs or?

You signed up for this?

26 minutes ❤️

I can’t wait to blood the sanity check

i can't wait to blood the survey

i hope you enjoy my stego challenge

Our team’s only two talents

lmao just an image literally with the flag on it

Good one

omg lh

neat

it’s an honor

are there any good binexp ones

or re

no stego is more realistic than binexp

lmao

ofc ofc

I've heard guessing is the most realistic category

oH

yike

inb4 the guessing category is literally jsut guessing the flag

@amber wind did you ever end up adding that forenshits chall

bold of you to assume this ctf isn't all guess

In before the bloody server crashes from pure autism

be prepared for

perfect infrastructure ⭐

i don't think autism crashes servers

where the discord flag at

i could be wrong though

#message-log

Autism crashed the stockmarket, I think we can say it crashes servers

if infra goes down at start of comp, i want a full refund

autism is powerful
don't underestimate its strength

if you want realistic challs we can make a few wordlist challs

if infra doesn't go down at start of comp

i want full refund

better have per user instances >:(

flashback to csaw

seesaw

wait no i want a more realistic chall

lmao

make us write a detailed report of some vulnerability we wrote

then have us found not eligible

because of a minor formatting error

pepega

and then get banned from the bbp

"duplicate, not elligible"

then you ask for a link to the original report and it's a completely different vuln

lmao

😔

or they say that they fixed the dupe but the bug is still reproducible

or when they say it's out of scope but it's not out of scope at all

ah yes out of scope = bcus the subdomain wasnt mentioned

lololol

I can bet anyone $1000000 that nobody can solve a single challenge written by me

"im sorry when we said that *.doman.com was the scope, we meant the literal * character, not all subdomains"

sounds like they're bad challenges then 😔

@gentle island does this extend retroactively

i think i might have solved one of your tjctf challenges

where's my $1000000

no only dice

sanity check :D

noo!!

cuz I didn't write any 🙃

damn :((

Are there any difficult questions 🙂

I'm going to find a challenge you wrote 2 years ago and make you pay

so are you just here for the memes

pretty much

you should write one rn so i can get money 👀

awesome

so where we dropping

im just here for the memes too

i get it

I mean whats the link

20 minutes until start

lets gooooo

it's in #rules

time to fire up tf2

oh I was meant to read it cool

and half of the organizers status

oh yeah I remeber now

Coffee is out of the system

Don't force us admin 😄

where's rsactftool

!remind me 10m grab some pepsi

✅ Alright, I'll ping you here for that in 10.0 m

!r m 10m grab pepsi

stfu

omg pepsipu

no care

hmm i should remember to shut off the prectf

its gonna get shut 5 before

pepsi >

jammy is going to hop in with his radnor fizz

@rain violet sup

http://diceprectf.meatctf.com/ 13 minutes left go win the prectf

!remind me 17m blood sanity and win brownie's affection

✅ Alright, I'll DM you for that in 17.0 m

radnor also pog

@rain violet what flavour

fake

bebsi

oh.

tied

ono.

dang

does prectf give ctftime points

npo

I have a feeling there's a 800pts challenge

no

😦

all the challenges are in intervals such that a score and challenges solved is determinstic

cause the platform has no way for me to see who solved what challenges

cause it's not a ctf platform

doesn't seem like cutting-edge

its some random half baked unfinished thing

Reminder delivery:
To: @glossy marsh
Scheduled: Thu Feb 4 23:47:04 2021 (1 day ago)
Jump Link: #general message
Reminder:```
wakey wakey dicectf is about to start

did i ask

go to sleep

will go to bed

nah

im good

give us your challs jambot

no

summer fruits or bust

aldi restocked today

but

we arent accepting external challenges

willwam speaks for me

there was none in our local

not external if you remove credit

lmao

you should use them to run unofficial unconsentual prectfs for random ctfs

its time to start spamming

!flag

right gl guys im getting ready

spamming time

!flag

yea idc they are just going to waste. allthough im kinda building my own unique ctf platform so i could save em for that

perfect infrastructure ⭐

jamctf :o

xd

never

40 days

™️

40 days

okay

yes

40 days™️

sorry for leek

if you want an actual date expect like 6 months or something idk

is this going to be "the best ctf of 2021 yet" ?

prolly not lol

WOW

fuckers stole the discord flag

cant have shit in detroit

no swearing in this christian server

Discord Flag:

announcement when ctf didn't start yet?

Reminder delivery:
To: @glossy marsh
Scheduled: Fri Feb 5 23:41:33 2021 (0 hours, 10 minutes ago)
Jump Link: #general message
Reminder:```
grab some pepsi

!flag

for every minute of downtime, admins have to give me 1 minute of root on any box i want

PogO

oh right that too

bargebot is so cool 👀

ginkoid is so cool 👀

I'll choose scoreboard box

Was it delayed?

bargebot is actually ginkoid

waffle is so cool 👀

ok but u only get root on my htpc

only one i can access

no

Epic

htpc?

@authors what are the flags

based

@amber wind we need UHC to come back

who's the admin for the discord flag

@tawny wigeon

omg UHC

?

prectf ended, top 20

youre the admin for discord

confused is there a hidden channel or smthn

tf

modded client time 👀

good work for ppl who played

@clear blade ur scoreboard is weird

also who played as redpwn?

writeup for discord?

i reached 1405 first

I'm in 3rd

for all i know the "redpwn" team isnt even from redpwn

yeah its broken

yeah thats what redpwn keeps saying

redpwn(hub)

but i wanna know who defaced the bash http server challenge cause i wanna know how they got it to run longer commands

cause its definitely possible i just dont know how

${IFS}?

hello all

those get filtered

if you fb sanity you get 300000 points

!remind

👀 help 1/1 👀```diff
![remind|r|reminder|reminders]

Base command for reminders

Sub commands:
me Schedule to be reminded about something
snooze Reschedule your most recent reminder for later
You can get more info about a command (params and subcommands) by using '!help [remind|r|reminder|reminders] <subcommand>'
Commands followed by ↪ have subcommands.```

oh cool

!remind me

🚫 You are missing a required command argument: duration
🔧 Command usage: !remind [me|add|m|a] <duration> <reminder>

!flag

whoever fbs sanity, dm me and i will give prize

👀

omg tux 🐧

👀

!remind me 10s `@everyone pepega

✅ Alright, I'll ping you here for that in 10.0 s

uh

tux gives 1% of his brain

oh no

oh no

Reminder delivery:
To: @sage musk
Scheduled: Fri Feb 5 23:57:37 2021 (0 hours, 0 minutes ago)
Jump Link: #general message
Reminder:```
ˋ@​everyone pepega

lmao

pog

!remind me 10s ```@everyone pepega

✅ Alright, I'll ping you here for that in 10.0 s

you needed 3 backticks

pepega

@neon matrix ill do it just for u

Reminder delivery:
To: @sage musk
Scheduled: Fri Feb 5 23:57:58 2021 (0 hours, 0 minutes ago)
Jump Link: #general message
Reminder:```
ˋˋˋ@​everyone pepega

Ready for everyone ping

nooo

wao

Nice try tho

moment

!remind me 10s `@everyone pepega

even if you got barge to send it, it wouldn't ping anyone

✅ Alright, I'll DM you for that in 10.0 s

oh

sad!

*bargé

security on multiple levels

smh

!remind me 10s css
test

✅ Alright, I'll ping you here for that in 10.0 s

Reminder delivery:
To: @spring cloud
Scheduled: Fri Feb 5 23:58:38 2021 (0 hours, 0 minutes ago)
Jump Link: #general message
Reminder:```
css
test

move over sql injection, here comes ping injection

Reminder delivery:
To: @uneven pendant
Scheduled: Fri Feb 5 17:59:01 2021 (6 hours, 0 minutes ago)
Jump Link: #general message
Reminder:```
T- 1 minute!

wow

hype

50 seconds

wow @uneven pendant a whole second off

till CoR blood sanity check

you guys dont have a script for first blood sanity check?

i swear the countdown timer is going slower the closer it gets

that's the scoreboard going down

Reminder delivery:
To: @glossy marsh
Scheduled: Fri Feb 5 17:59:56 2021 (6 hours, 0 minutes ago)
Jump Link: #general message
Reminder:```
impending perfect infrastructure ⭐

barely got it going

no sanity check

nooo

wtf

second person

I do not approve of the blood

pepehands

this is not okay

BLOODED SANITY POGGERS

same, disqualify

TRUE

TRUE

get those lies out of here

facts

EZ LETS GO @vague bramble

MY MAN

fax

https://tenor.com/view/tf2conga-dancing-soldier-cool-gif-12740203

NICE JOB @vague bramble

@hollow jasper no weeb reacts

STOP THE COUNT

0/10 sanity check not called sanity check

https://tenor.com/view/anime-headbang-current-mood-gif-6035620

THIS!

It took forever to find

https://tenor.com/view/crab-safe-dance-gif-13211112

@neon matrix where is our prize

did u get fb?

yes

ok dm

yes

Hi

if anyone is losing morale

ping me and I'll offer words of encouragement

@tawny wigeon help I haven't even solved the snaity check yet

DDDDD:

no you are the perpetrator

rev author

wtf

you're not one to talk

crypto author

where pyjail

🤔

ti-1337 plus CE

@tawny wigeon

i haven't released

kmh's magnum opus

crypto chall yet

so it's impossible

for me to be source of stress

@tawny wigeon i am losing morale 😦

you can do it! you solved the sanity check already

shut it newcrypt v2

Thanks <3

😭

if someone can solve my challenges i'll dm them a prize

can someone solve babier csp pls

🙏

can someone please solve a not-my-challenge first thx

Did it start

Points are not too much

print = lambda s: __builtins__.print(colr.Colr(s).rainbow(freq=0.8))
input = lambda s: (__builtins__.print(colr.Colr(s).rainbow(freq=0.8), end=""), __builtins__.input())[1]``` why

its the color edition

🌈

sigh

why no solves 😠

I need to include this in all my python code

cause we didn't order the challs

so no one can find the baby

just fyi we didn't order challs in terms of difficulty

there is 1 baby among us

must be pyjail

where are the solves 😔

at the sanity check chall

is ti-1337 down

The madlads build video games

oh wait it works now

!flag

!flag

!flag

!flag

!flag

!flag

!flag

you should eb running ti-1337

locally

!flag

don't even try to do it all on the server

ruined 😡

no test on prod

k

you're not gonna be able to solve it

!baby

it's for your own good

defund they could cheese

🍋

o

!baby

i thought you got rid of cheese

!flag

!commands add flag dice{gang}

✅ Command flag has been added!

you can never be certain

!flag

dice{gang}

!flag

dice{gang}

i did defense in depth against cheese, but cpython is big

cringe

ew

this the right place for questions to the authors?

now the command actually does something

!flag

dice{gang}

yes @hidden hornet

!flag

dice{gang}

Oh god, here comes the !flag train

!flag

dice{gang}

!flag

dice{gang}

it's way better when people spam useless commands

🔒 You do not have the required permissions to run this command

!commands add uwu owo

yeah now its ruined

!flag?

!flag!!11!!1

!flag 123321

dice{gang}

ginkoid 👿 🥰

omg barge caboose!

blinkgé

@vapid beacon in your TI calculator program, I'm missing a module "colr", is this on purpose? Am I supposed to be launching the program to find the flag?

!flag flippidy

dice{gang}

damn

!flag

dice{gang}

when I run I get the "missing module" error

You could comment out the 2 lambdas

the dockerfile provides all the information necessary for deployment

if oyu install docker you can do

docker build . -t ti1337plusce

got you, thanks so much

wat is prize for win

!flag

dice{gang}

#defund

ctftime points

rpisec, next logical step

is adult csp

tru

the prize is a nonzero quantity of american usd dollars

mfw entire first screen of memberlist is organizers

lol

👍

american usd dollars as opposed to british usd dollars

big team

ummm what does rev stand for?

reverend

reverse engineering

reverse engineering

ty ty

i new to ctfs

really epic vexing

!flag

sounds legit

flag command only works in #flag

is the crypto / plagiarism question rsa?

sure

also #crypto

oh funk theyre unordered

Thank you

The scores page (https://ctf.dicega.ng/scores) has a graph with unlabeled axes. :triggered:
Relevant XKCD: https://xkcd.com/833/

give it a bit

#announcements message

bruh

we want that 1 point survery chall that decides top 5

hmm

@amber wind bring back UHC

no u

Flag format?

my servers aren't setup rn :/

dice{}

dicega is like pepega except dice

u should do

babier csp

flag{n1C3_wAy_70_5AY_H1}

pepega

!flag

https://github.com/sajjadium/CTFium

https://github.com/sajjadium/PersianCatsCTF

ok

Always spam that

@neon matrix for cryptonewcrypt v2 i'm assuming the Crypto module is not supposed to be included, right?

why not?

@hollow jasper no weeb reacts

So much promotions for the TI pyjail challenge everywhere on the internet. It’s literally everywhere. Slow down.

https://pypi.org/project/pycryptodome/

crypto uses cryptodome

either should be fine i think but for my system, cryptodome is installed not pycrypto

its so good though 🙏 also what places lol

i put it on my twitter and in a discord

hey kmh deserves it he only writes like 1 challenge every 4 months 🙄

🙄

so now angstrom only gets 2 kmh challenges

omg aplet

🥰

i wrote 3 in the last 4 months 😎

tbh I liked aaron's better :/

and problem writing pace will pick up as the competition date approaches

(you're not supposed to tell everyone that)

📈

number 1 rule of ctfs is pretending like you wrote all your challs in advance

lol i think i wrote like 3 crypto challs in the week before angstrom last year

thank you scoreboard very cool

pretty lines

legend has it that at the end of the ctf those lines will reveal a flag

oh wow that's a very interesting graph

we could only afford 3 colors

we reveal one letter of t he flag

per hour

o ok first letter is d

wait was I not supposed to reveal that

pls don't ban me

wtf,

Wow, google sponsorships must be bad or colors are expensive

our copy of rctf isn't activated so we're stuck with 3 colors

Hi

just use CTFd

and start of with an hour of error 500

how I can begine with ctf I register And I enter to page of chalanges but I don't know to statt

start

Pick a challenge and see if you can somehow get the flag

it looks like the web category is probably the best place to start 🙂

Stop the count

Is there an admin for Missing Flavortext?

@harsh abyss

isn't dan afk rn

dox11111;!!

dan the redpwn man

wow chop0 has arrived

@sage musk

hello

chop0

@stone nacelle hello qpwoeirut

pb stop hoarding 🙂

lmfao

cannot wait for the pb hoard

hello <@&805956149504770088> who can i contact regarding Babier CSP? Need to confirm about the flag cuz its not working

lmao is organizer pingable

it is

🤔

😠

@arctic gyro is the author for babier csp

🤔 🤔

yes

Okay thank you!

intentional

interesting

mfw pingable organizer role

you're supposed to ping orgs for urgent non-chall specific things

not

at organizer how to sice the deet

Me rn

wait is it happening now

can someone explain how admin bots work?

@heavy prawn any hints on how to open babymix?

you submit the url you want the admin bot to visit

bruteforce go brrr

and a chrome instance will navigate to your url

so you can execute some client-side attack like XSS

ty ty

wait, so how is that different from just typing it into my own address bar

you are not the admin

hopefully

🙂

the admin bot will have, for example, admin level cookies set

which u can then steal w/ a xss

https://tenor.com/view/roger-roger-roger-roger-that-copy-that-robots-gif-5912820

inb4 the browser instance is an old version of IE with 50 exploits available

lmao

beef go brr

inb4 intended solution is to exploit cve 21148

went to babier-csp.dicec.tf and viewed a fruit then copied the url into the admin bot link, said flag would be put in a cookie, there is no cookie'

because you are not the admin

okat so

the goal is to get the admin's cookie

so how do you solve it

you need to use the force

normally on webpaghes this is stored as document.cookie

so

you need some way to get his value for document.cookie - and send it to you

ygm

what type of exploit would be relevant

a working one 🙂

Does this involve perhaps scripting and stealing the cookies

across sites yea

lmao

whats the next character

can't say

gink has my parents

once I've negotiated their safe departure I can leek

wtf aplet

gink is my parent

Babier CSP hint please

I never said gink is my parent

geez tux

i

jealous much

🙄

🙄

lol

No longer afk btw

we have not seen a blood in almost 2 hours

time to submit a flag on the admin team

can you give an hint

for what

Babier CSP -
For the question, please 😦

ah sorry, I'm not in charge of that one

Who is in charge

looks like chall author is notdeghost

im trying to figure out babier csp too rn

im looking at one of the reverse engineering ones what would i use to view them?

or rather go through them or something

ghidra is free

ty sorry im new to ctfs

!flag

scroll up

seems to be up for me

that's a client side tab crash

Good cheesening mr dicegang

🧀

the scoreboard graph is now in HD™️

(more frequent updates for your viewing pleasure)

still just 3 colors tho

what is the Open Division thing?

there's only one division

dwai

is it an rctf feature you didn't remove?

yes

who is ireland? author of the crypto/plagiarism challenge?

@thorn dome

can i pm them with questions? specifically i tried following the hint suggested

no luck finding the lib that the post used

yea go ahead

he's probably asleep tho