https://tqts.ar/ Recent content on tqts.ar Hugo -- gohugo.io en-us Written by tqts. All content under Creative Commons Fri, 25 Feb 2022 01:10:01 -0300 https://tqts.ar/post/solving-sherlockctf/ Fri, 25 Feb 2022 01:10:01 -0300 https://tqts.ar/post/solving-sherlockctf/ <p>SherlockCTF was a collaborative CTF organized by <a href="https://sherlock.xyz">Sherlock</a> and <a href="https://secureum.xyz">Secureum</a>, for the top 32 participants in february's RACE event. Each participant submitted a CTF level, and for 7 days, the competition was opened. I managed to score 32 points.</p> https://tqts.ar/post/damnvulnerabledefi-1/ Sat, 01 Jan 2022 12:10:12 -0300 https://tqts.ar/post/damnvulnerabledefi-1/ <p>First part of the solutions/exploits for the Most Vulnerable DeFi (tm) out there.</p> https://tqts.ar/post/ethernaut-5/ Mon, 15 Nov 2021 17:11:01 -0300 https://tqts.ar/post/ethernaut-5/ <p>Fifth (and last?) part of the solutions to Ethernaut. The challenges in this part are mostly vulnerabilities on more complex contracts, that mimic real exploits.</p> https://tqts.ar/post/ethernaut-4/ Mon, 15 Nov 2021 12:11:01 -0300 https://tqts.ar/post/ethernaut-4/ <p>Fourth part of the solutions to Ethernaut. This time the challenges get harder and more interesting.</p> https://tqts.ar/post/ethernaut-3/ Mon, 15 Nov 2021 11:11:01 -0300 https://tqts.ar/post/ethernaut-3/ <p>Third part of the solutions to Ethernaut. More fun levels, and a little bit harder than before.</p> https://tqts.ar/post/ethernaut-2/ Mon, 15 Nov 2021 07:11:01 -0300 https://tqts.ar/post/ethernaut-2/ <p>Second part of the solutions to Ethernaut. Levels start to get progressively harder, and a lot more interesting to solve and learn.</p> https://tqts.ar/post/ethernaut-1/ Mon, 15 Nov 2021 07:10:01 -0300 https://tqts.ar/post/ethernaut-1/ <p>Another Solidity and Ethereum security CTF game. This time we will be solving <a href="https://ethernaut.openzeppelin.com/">Ethernaut</a>, the game hosted by OpenZeppelin.</p> https://tqts.ar/post/capturetheether-5/ Wed, 10 Nov 2021 02:14:25 -0300 https://tqts.ar/post/capturetheether-5/ <p>This last category of challenges is a mix of various types of vulnerabilities that don't really fit into any of the other categories.</p> https://tqts.ar/post/capturetheether-4/ Wed, 10 Nov 2021 02:14:24 -0300 https://tqts.ar/post/capturetheether-4/ <p>These challenges are meant to teach about the fine details of EVM-compatible networks accounts, contract deployment and cryptographic key pairs.</p> https://tqts.ar/post/capturetheether-3/ Wed, 10 Nov 2021 02:14:23 -0300 https://tqts.ar/post/capturetheether-3/ <p>Third post for the CaptureTheEther CTF writeups. Now the focus is on mathematical functions.</p> https://tqts.ar/post/capturetheether-2/ Wed, 10 Nov 2021 02:14:22 -0300 https://tqts.ar/post/capturetheether-2/ <p>This is the second post of a total of five, for the CaptureTheEther CTF writeups. This time, the focus will be on the <em>Lotteries</em> category of challenges. Most levels here will require the player to code and deploy new contracts to the network, and interact with them.</p> https://tqts.ar/post/capturetheether-1/ Wed, 10 Nov 2021 02:14:21 -0300 https://tqts.ar/post/capturetheether-1/ <p>This is the first post in a series about the Ethereum security introductory CTF &quot;CaptureTheEther&quot;. There will be a total of five posts, each one of them focused in one of the categories of the game. For each level I'll describe the contract, the vulnerability, the solution I used and a conclusion about what to check when developing or auditing smart contracts.</p>