#general

Wat is that a team?

@toxic gate DM?

lol

wanna know your flare sol

flawless cobalt

true ! im cobalt

!bean @tacit lantern

✅ Moriarty#8077 (518674233484640256) was beaned. Reason: No reason given.

so violent

this server's emote list is so weird

!bean someone

✅ A*#9912 (664470906139181067) was beaned. Reason: No reason given.

!bean your mother

✅ A*#9912 (664470906139181067) was beaned. Reason: mother

lmao gottem

why does A* match everything

:thonk:

@meager wadi fix barge smh my head

!bean Aple

✅ Aplet123#9551 (201765854990434304) was beaned. Reason: No reason given.

!bean @@

✅ A*#9912 (664470906139181067) was beaned. Reason: No reason given.

when does it finish btw ?

🤔

!bean @harsh abyss

✅ BrownieInMotion#8488 (263460371652673537) was beaned. Reason: No reason given.

!bean @manic dune

✅ Ptomerty#4706 (130486339392110592) was beaned. Reason: No reason given.

!bean @wind sun

✅ DARNY#4054 (658338836736376832) was beaned. Reason: No reason given.

!bean @normal valve

✅ bargebot#0656 (567031469352943618) was beaned. Reason: No reason given.

We are good. We do not describe the quality of the color. we just state the color

!bean @vapid beacon i am arresting you and putting you in a pyjail

✅ kmh#0778 (294245609744105474) was beaned. Reason: i am arresting you and putting you in a pyjail

Nice try but I smuggled in a dunderscore 😉

As much as I hate to say it, probably typed

!bean @dark fulcrum i have brain damage

✅ pepsipu#5555 (475525381609357313) was beaned. Reason: i have brain damage

!bean pepsipu I'm quitting pwn because of you

✅ pepsipu#5555 (475525381609357313) was beaned. Reason: I'm quitting pwn because of you

!bean ireland made the best chall but I couldnt solve :sadge:

✅ D_K#9719 (148458355860570112) was beaned. Reason: made the best chall but I couldnt solve :sadge:

:w

Will there be any solutions posted by the creators of the challenges?

!bean 135813748148404224 very good challs, gave me dementia 👍

✅ the entire country of ireland#2412 (135813748148404224) was beaned. Reason: very good challs, gave me dementia 👍

!bean kethly giving myself a bean to make myself feel btr

✅ ergoproxy#2687 (145592023666130945) was beaned. Reason: giving myself a bean to make myself feel btr

wait what

!bean Kethly#1072 giving myself a bean to make myself feel btr

✅ Kethly#1072 (324362342026444800) was beaned. Reason: giving myself a bean to make myself feel btr

!bean @rain crystal test

✅ parabirb#1312 (884967775066550313) was beaned. Reason: test

test

OH SHIT

!bean @cloud barn hi anli

✅ anli#9094 (235136271633219584) was beaned. Reason: hi anli

Is there going to be a set link/text channel for writeups? I cant wait to read them.

yes, we will add it once the ctf is over

Cool

Looking forward to the writeups for some of the harder challenges

Looking forward to the writeups for some of the easier challenges

Can’t wait already to see vm-calc writeup. Wasted the whole ctf on it 🥲

hoo boi you'll be disappointed

👀

!bean @opal walrus hi sky

✅ ashen sky, autumn breeze#4163 (454002799034892301) was beaned. Reason: hi sky

Breach is the one I'm looking forward to writeups for

same lol, although also for undefined for me. I'm sure both of them will be obvious-in-retrospect to me >.>

tbh im looking forward to writeups for all of these

GG

gg

END

gg

gg

🥳

gg

gg

gg

\o/ that was fun

gg

ggs

no more

gg

gg

gg thank you admins

gg everyone

vm-club writeup plz?

GG

thanks for the CTF 😄
crazy and fun challs

gg!

gg

gg

among us?

gg

gg

gg

please someone tell me notekeeper solution so I can go to sleep

sadge

Gg

wait I think it's in there

just not linked

scroll down

gg

anyone got a writeup for flare?

gg

gg

Great CTF!

gg

https://brycec.me/posts/dicectf_2022_writeups writeups for notekeeper, vm-calc, denoblog, blazingfast

the writeup submission link only works for americans?

@meager wadi

@meager wadi

what the

welp guess we're not using area120 then

well then

please hold 🙂

rip all the homies not in america

yeah lol 1sec

use a vpn 😉

the form looks so nice though 😭

whats the writeup deadline

fixed writeup submission link, sorry about that https://forms.gle/xsa8WtYirVMqWc8M8

we didn't decide on one yet but probably like

1 week? along with the release of solutions for the 2 unsolved challs

what

naughty ireland distributing malware

smh

:O

gg, fun asf

pls vote 37 on ctftime 🙏

no

I vote 75

alternatively hack ctftime and vote 38

😛

or do that!!

gonna at kyprizel on twitter

Is that the max?

yea

Ok 37 it is

well it's 37.230 but only natural numbers are allowed 😔

floating point gang

Wait did Ireland release generation python files anywhere?

download the Rz --> H, T gate converter from this professor
https://www.mathstat.dal.ca/~selinger/newsynth/

am I not able to submit the flag for survey

because the CTF is over?

oh

I figured it would still let me submit survey because they said certain ones were still eligible to submit

oh easy you need to bypass this with vpn or proxy and maybe more.. that should be enough if its not you can try more things there are a lot of things to try here (this is another challenge, this one is worth 13 points (13=0XD) )

the big brain ctf strat

if blooding a challenge won't get you more prizes

don't submit the flag

wait for ctf to end

pressure orgs into putting a bounty on it

then submit the flag for the bounty

that emote is uncomfy

why

factordb kinda trash

where the factors at

I am voting a 0 because it's the greatest ctf i've ever seen

For the writeup competition what is the deadline?

I think tentatively 1 week but we will let you know if that changes

hey guys remember when voting on ctftime that rating points should not be viewed as a percentage of the max but rather a literal point count that happens to be capped

when debating if you should vote 37/37 for dicectf, you should think "is this ctf better than/as good as other 37-point ctfs" instead of "does this ctf deserve a perfect score"

hmm is this how you elevate the ratings aplet?

yes 🙂

by using logical reasoning I shall get people to vote reasonably

it is already maxed out i think 😄

I'm tired of seeing people voting on good first ctfs with 20/25 just because "tHe CtF iSnT pErFeCt"

even though the ctf is easily a 40 or 50 in quality

On that note remove ctf time cap! /j

dicectf 100 weight wen

also if you put a banana in your writeup I will mention that there is a banana in your writeup to the other organizers if I read it

this does not increase your chances of getting a writeup prize at all

but it'll be funny

👍

Hmm what about apple in it (not submitting writeups but still)

or even better s

diceCTF - 100 weight :d

how long until writeups are due?

tentatively 1 week

Who started DIcegang?

Did anyone archive the challenges?

we'll publish a repo at https://github.com/dicegang soon

👍

that information is held at level 1337 security within DiceGang LLC's data protection system

:thonk:

Time to apply to dicegang and get rejecteddddd 😆

Is 1st place real world and Defcon automatic qualification?

no

not automatic

Would there be any type of automatic qualificaition?

so if we pwn this we get automatically accepted right /j
Also jyu is still watching ahhhhhh

no 🙂

Even joining the Uncle Sam?

that's an automatic reject 🙃

exactly

What team were you on before dice?

f

Also with the writeups competition does it matter if that team didn't complete the challenge in time but did the writeup after doing it post-ctf?

E.g. I didn't get breach done in time so I couldnt submit it for a writeup

Could I get perms to speak?

uh idk how to do that 🤡

When did you start ctfs?

ok i think i got it?

yep 😄

@gritty apex that's fine

ok that topic is done

👍

Hmmmm ok

!bean jyu beaning me back in there

✅ jyu#7186 (476169212717563912) was beaned. Reason: beaning me back in there

just out of curiosity, where did the term "wp" come from

I know it means writeup, but why wp

it seems like a lot of people use it

i think of wordpress every time i see it

I thought Of wattpad 😭

wp is usually widely used by Chinese CTF players afaik.

oh

is that the truth

or are you sahuanging

pretty sure xD

🤡

can i check if theres a minimum placement in order for ctftime to display participation in dice ctf?

for some reason it doesnt show up for my team

You need to have at least 1 point

oh thats weird

Aka solving welcome

i did bind it to ctftime as well

can i pm you about this?

Sure

https://tzion0.github.io/posts/dicectf-knock-knock/
In challenge web knock-knock, I ran the same code. But the result comes out '1ac7056f7beb7929213e625824620dbda59bd519c706fda69f9aca1bd914c175'. Why this happens? I can't understand the difference.

!q 939684456703328267

you need to use the exact same node version as the challenge

figuring out why is left as an exercise to the reader 🙂

You mean, in different node version, the module "crypto" code is different?

oh my gosh... really really thx

i guess challenge node version is 16.13.2.

Is there an official github for the writeups?

no, but there's an official hackmd in #announcements

U must use the docker image because the code does not end up running the same way. I believe if u run it in console for example it has brackets around some text {}, i believe removing those gave the same kind of text as the different bode version

How long is the infra going to stay up

as long as it can

no, it is 17.4.0 as written in the provided file

challenges will be up for at least 1-2wks and the scoreboard will stay up forever

Forever*

Wish she was like scoreboard not challenges

Who is she referring to

I'm planning to release a blogpost about logistics / infrastructure (both the good and the bad) is there anything anyone would like to specifically hear about?

infrastructure: i'd love to hear any juicy details about instancer.mc.ax (it's custom?)

i'm guessing it's just aggressively pre-launching containers before they are needed to achieve fast launch times? with randomized traefik rules? (i'd love to know if you ran into any issues with scale here, and any stats on num of concurrent containers, etc.). I'd also love to hear about what you did (if anything) to curb abuse (automated ip banning? rate limiting?) in general.

we didn't have much abuse iirc

this is more of a @meager wadi thing

but it was per-team so you could only launch one instance of a challenge per team

which made it much harder to abuse

hm yea maybe we can do a full technical writeup as well, I'll try to convince gink and aspyxia to write their parts :p there was tons of cool stuff done from the infrastructure perspective

instancer launched a new k8s job when you clicked the start button. we used the traefik http config provider + an endpoint on instancer to ping the k8s pod listing api and generate config. we had recaptcha on instance start so abuse wasn't a huge issue

oic, per-team is very nice

i asked about abuse because i saw in one of the channels someone talking about being ip-banned

ah

so we ip ban people who are running dirbuster or whatever

yeah is that automated or what? and in traefik or per-challenge or...?

it's just manual, using gcp firewall rules

i see -- http config provider makes a ton of sense for this use-case

basically if we get alerts for challs being unresponsive we pull up logs and ban the person

lmao

ok great this is my approach too i just wanted to check

automated banning isnt really worth it especially if you have any challenges which require some small amount of brute forcing

there's usually never too much abuse

basically just dirbuster tbh

yeah

For those of you complaining about our baby challs 🙂

Lololol

Wait 0 day 👀

I was waiting for the kernel-heap-pwn 😦

@boreal sierra tried 😔

we even wrote speshul infra for it

baby-ios-rce-lpe-fullchain

hey the infra still got used for fuse

speaking of

@boreal sierra stahp making things qemu dependent

🙂

oh and stop using vbox too

🙂

oh hey @karmic topaz :>

hello!

didnt know you were here too

I may have convinced him to join

i did not have time to participate :(

rip

but i was here..

How does a man spend 3 days debugging kernel exploits with kvm off

:c

linux host
virtualbox
no nested kvm
how so pro

maybe that's why it took 3 days

with kvm off ?? oh man. that's slow af.

for anyone trying to submit writeups while forms.gle is currently ded here's an unshortened link https://docs.google.com/forms/d/e/1FAIpQLSfnUP91_fxvGFv0WJbJj4NaFATx-7b9wd1aOSIjkCdirDAi9A/viewform

Imma switch to libvirt soon 😠

Stop bullying the qemu user in virtualbox

. . . switch to libvirt soon
why don't you switch right now? 😀

😳

no one has a breach writeup yet

count++

有没有题目复现环境呀

I can make one if I have time

#writeups message here you go

honestly quite incredible

Thanks @amber wind

np

dice{my_m1nd_rac3s_w1th_m0jo_1nt3rnal5_6c3898cc} just started last night 🙂

😱

damn

can you make a ticket?

O:

wow

No jyu's status I will not be filling out taxes

DRS gonna come for you 🙂

\🤣

how was this made

h o w

I think Harry said he'll release tooling soon™️

lmaooo cant wait

full python to IRS tax form toolchain ;p

I've been really busy recently but will clean up and release soon ™️

TLDR: python z3 AST -> flattened list of ops -> json tax form -> handlebars html template -> html-to-pdf with chrome

you know, i wasn't able to play dice this year, but suddenly i no longer regret it

ooh cool

lmao, taxes was actually broken for awhile, not quite up to par quality-wise; so maybe you made the right choice

but shellphish wrote a custom binja plugin for my rev/pwn challenge so the meme continues ;p

it's not just me who does that I swear...

haha, nah i'm sure it was great just life gets in the way sometimes

still, that's a pretty cursed pipeline

I honestly couldn't think of a simpler way to do that

generating pdf's is kind of hard programmatically, way easier to generate html and then "print" it

if it works, it works make a ctf problem out of it

this is actually how i generate my resume 😅

when you're too good for latex so you hand-roll a typesetter

css is a great typesetter idk

flexbox actually op

please it's 2022 we only use display: grid now

oh no am I out of date with webdev again?

did you blink?

last I heard flexbox was still experimental

haha yeah i think it's been in the working standard for at least 4-5 years

turns out chrome print to pdf is cursed on mac for some reason

the more you know

👀 lots of mac users here

macos is just linux with better ui

True

harry is about to get flamed by all the i use arch bros

Don't worry they'll first have to sort out their network driver issues

that being said, macos does have a really good looking UI

arch btw

🙏

I can't afford a mac 😔

Macs are nice… as long as you can run an Kali vm

kali lincox

I refuse to believe this

Bit late I assume, but I wish to thank the organizers for a smooth sailing CTF Game with great challenges involved.
I learned a lot.

Thank you.

But Why would you need a kali vm

Ehhh just the occasional Ubuntu package that brew doesn’t have

So ubuntu vm?

Yep but I do a lot of ctfs so I just have kali

Just don't hack

CTF is perfectly fine without kali

CTF on host

Eh true but also hack the box

kali is essential for crypto mains

👀 is that sarcasm

Never used kali for crypto but I’m rather new to this stuff

Kali isn't useful for anything except being lazy in getting tools you need

also being lazy in customizing your shell

isn't kali shell pretty basic? i haven't used it in a few years

of course the real reason to get kali is the UNDERCOVER SUPER SECRET WINDOWS MODE

it's got all the zsh-users bells and whistles

lol

just install oh-my-zsh

and then pick a good theme

I used to use oh-my-zsh a long time ago and I riced it so hard that it would take literal seconds to load into the terminal
These days I just use almost default fish

Just use the same config without omz, it's speedy

ok but have you customized your shell yet

Spent most of my day today doing a write-up for breach, hopefully I didn't miss the write-up prize deadline

If you submitted to the write-up form successfully you didn't miss it

how can you miss a deadline that doesn't exist

Maybe we should set a deadline

https://i.kym-cdn.com/entries/icons/original/000/022/540/phinferb.JPG

The deadline is when the prizes come out 👀

You don’t have to give prizes if there’s never a deadline 🤔

🧠

Hmm defund solving problems over there

unbelievable

there is a deadline now?

I should quickly do containment with my breach writeup try and give myself a better chance

I think the writeups are all scored seperately

they are both the same binary for those challenges

This kid is gonna get jumped by the top 3 teams 🤣

"kid"

💀

👶

finally got pwn/containment written up, just to make my super long write-up already longer for breach, I wonder if anyone will actually end up reading it, it's pretty long (45 pages if you were to print it)

He is on the top team

Lolol

lol

daz right

he gonna get jumped by his own team

also we all know the top 3 teams are dicegang, dancegig, and didgong

they had all the flags they just didn't submit them in imme

💀

No its Perfect Blue, Slightly Less Perfect Blue, and Just Good Blue

pb sux lmao gottem

also something something L + ratio

pb is great
I like their crypto

(Thats a joke pb SUCKS)

Nop, taxes chall forbid such teams from participating in the CTF.

You had to sign that your team name isn't <adjective> <primary or secondary colour>

technically slightly less perfect blue is adverbs then an adjective then a color

T_T

.>

@dark fulcrum ok so like your nightmare writeup is cool and all but these words don't mean anything

tbh that’s me and all pwn

none of the pwn words mean anything

oh lol probably cuz gpt-3 wrote it when I asked it to write up my chall

Wait what

(joke)

dice.

When do you think the results of the writeup competition results will be out?

you think they are gonna release them? 🤣

no one has to get prizes if no one knows whether they won or not

reading writeups takes time

unlike making offhand remarks about our integrity

I was just referencing earlier jokes by the organizers about the prize deadline (sorry if it didn't come off as a joke)

All good, not meaning to rush, just more interested, as hard to know how many submissions

@primal pond your phishing scheme is broken, all I see is a blank page

@oblique bramble @long grove @amber wind

fre nitro 🔥 🔥 🔥

i dont think anyone on this server will fall for it lol

!ban 821232024064753724 super stinky

✅ Siebene#1331 (821232024064753724) was banned for super stinky (#590)

oh it didn't delete the messages

but the fake steam login is pretty convicing

why does barge not delete banned messages

!help ban

👀 help 1/1 👀```diff
![ban|🚪] <user> [reason]

Bans a user from the server.

bruh

!help

👀 help 1/3👀```diff

• AntiRaid
  raid
  ↪

• Basic
  about Shows some runtime info like uptime, messages seen and link to support server.
  coinflip Random decision making.
  help Lists all commands, the commands from a cog or info about a command.
  quote Quotes the requested message.
  self_role Shows self-assignable roles or assigns/removes one.
  uid Prints out any Discord user IDs found in the specified text

• CustCommands
  commands Lists all custom commands for this server, also the base command to making, updating and removing them.
  ↪

• Emoji
  emoji Base command for managing emoji
  ↪

• Infractions
  inf Base infractions command, see the subcommands for details.
  ↪
  mwarn Warns multiple users with the same reason
  note
  warn Adds a new warning, the user is not informed of this.

You can get more info about a command (params and subcommands) by using '!help <command>'
Commands followed by ↪ have subcommands```

!cleanban 821232024064753724 smellier?

🚫 This user is not on the server

ffs

xD

!unban 821232024064753724 maybe this works

✅ Siebene#1331 (821232024064753724) has been unbanned for maybe this works (#591)

!cleanban 821232024064753724 smelliest

🚫 This user is not on the server

!clean 821232024064753724

👀 help 1/1 👀```diff
!clean

Gets out the broom to clean whatever mess needs cleaning

Sub commands:
all Just clean everything
between Cleans both messages given and everything in between
bots Removes messages sent by any bot
containing Cleans messages containing a specific text, if the text contains a space wrap it in " or '
everywhere Removes messages by one or more users in all channels
last Cleans all messages send in the last x time (5 m for example)
links Cleans messages that have links only
until Cleans until the given message (message is also removed)
user Removes messages by one or more users
You can get more info about a command (params and subcommands) by using '!help clean <subcommand>'
Commands followed by ↪ have subcommands.```

!clean user 821232024064753724

✅ Deleted 1 message!

mfw

didnt delete on other channels

!forceban 821232024064753724 ashfdoisafjsdioafjsa

lol

✅ Siebene#1331 (821232024064753724) was force banned for ashfdoisafjsdioafjsa (#592)

I hate this

can someone who actually has 2fa enabled delete the messages

@meager wadi why 2fa admin requirement >:(

2fa admin required

ginkoid is security nut smh

Why don't you have 2fa

because 2fa is annoying

:^)

I will hack you

2fa admin enforcement is required for discoverable servers

as I said

ginkoid is security nut smh

more like discord is security nut smh

more like ginkoid is discord smh

Ginkoid intern at discord wen

oh my free nitro :O

This is my weekly message to keep the activity high enough for Discovery

What is discovery?

discord server discovery

✅ jyu#7186 (476169212717563912) was beaned. Reason: making me thing something important was happening

✅ jyu#7186 (476169212717563912) was beaned. Reason: bean

😔

ooh I better send a message as well to bring up the active user count

!bean @tribal vale

✅ jyu#7186 (476169212717563912) was beaned. Reason: No reason given.

✅ jyu#7186 (476169212717563912) was beaned. Reason: more bean

✅ jyu#7186 (476169212717563912) was beaned. Reason: not perfect blue fan

!bean @tribal vale guess who's back

!bean @tribal vale guess who's back

✅ jyu#7186 (476169212717563912) was beaned. Reason: guess who's back

!bean @azmidium increasing server engagement

✅ Jackieqian#0825 (895280456990335036) was beaned. Reason: increasing server engagement

Whoops

!bean @tribal vale hope you like beans

✅ jyu#7186 (476169212717563912) was beaned. Reason: hope you like beans

Beans?

✅ jyu#7186 (476169212717563912) was beaned. Reason: status is a lie

for those interested, just released a writeup about organizing dicectf in the writeups channel, this includes logistics and details about our infrastructure!

!bean @sacred robin bad at life

✅ BABA#4852 (379877550719238144) was beaned. Reason: bad at life

✅ jyu#7186 (476169212717563912) was beaned. Reason: server not active

hello

!bean @tribal vale

✅ jyu#7186 (476169212717563912) was beaned. Reason: No reason given.

Woah! Thanks 🎲

Also thanks

I'm not sure whether or not this is the place to ask this but I wanted to get into this field, and I wanted to know, where do I learn?

What category do you want to learn about? Write ups are good and for certain types of challenges there are websites devoted to@learning about them

I am interested in pwn and web tasks

Pwn especially

Pwn is essentially hacking a computer over the internet, correct?

unless it uses http in which case it's ✨✨web✨✨

tfw browser pwn = web

Is there any chance to contact the creator "larry"? I really would like to ask him a thing or two. Or is this considered impolite?

hi

feel free to open a ticket

Thanks, will do

On CTFtime, the DiceCTF@ Hope is put under the redpwnCTF event, is it a replacement ?

Kind of, the challenges will be around the difficulty level of redpwnctf rather than dicectf but members of dice have helped write challenges

Most likely there won't be a redpwnctf event for 2022 and if you are looking for that dicectf@hope is a great replacement