It should mention the bug only exists after some arbitrary "patch" was introduced. As the current title makes it sounds like the actual zlib has a security issue.
show comments
Goofy_Coyote
Google CTFs are fascinating.
Amazing questions, I always enjoy the write ups.
Unfortunately I’ve never been able to solve one, or even make meaningful progress.
show comments
xxmarkuski
The best teams from Google CTF were invited to compete in Hackceler8, a combination of speedrunning and CTF, this year on a SEGA Genesis. Today are the finals, which are steamed and commented on YouTube. See this teaser [0]
It should mention the bug only exists after some arbitrary "patch" was introduced. As the current title makes it sounds like the actual zlib has a security issue.
Google CTFs are fascinating. Amazing questions, I always enjoy the write ups.
Unfortunately I’ve never been able to solve one, or even make meaningful progress.
The best teams from Google CTF were invited to compete in Hackceler8, a combination of speedrunning and CTF, this year on a SEGA Genesis. Today are the finals, which are steamed and commented on YouTube. See this teaser [0]
[0] https://youtu.be/QQjxHBW7wSQ?si=ElmaUomuFnVx043T
> LZ77 decoding. This actually triggers the bug and causes integer overflow.
As I understand it, accumulating the tables is contingent on CTW.
Maybe I'm misgeneralizing, but this seems very similar in flavor to the webp vulnerability a few years back
Good god that's a wild read.
I wonder if AIs could catch that.