Reverse Engineering | Lance Kenji Parce

UofTCTF 2026 – Baby bof

March 12, 2026February 28, 2026 by mis4nthr0pia

People said gets is not safe, but I think I figured out how to make it safe. Buffer overflows are a classic vulnerability, but sometimes CTF authors add little “security checks” to trip you up. In this challenge, Baby bof, the author claimed they made the dangerous gets() function safe. Spoiler alert: they didn’t. Here … Read more

TFCCTF2025 | FONT LEAGUES: When Your Flag is Hidden in a Typeface — Writeup

March 12, 2026September 9, 2025 by mis4nthr0pia

So, here I am, happily cruising through this CTF, when I open the next challenge: FONT LEAGUES. At first glance I thought, “Cool, maybe some font trivia? A logo? Something artsy?”…Nope. It was a straight-up font file. A .ttf. And suddenly I realized: Oh no. They want me to reverse engineer a font. Step … Read more