Joel Eriksson
Vulnerability researcher, exploit developer and reverse-engineer. Have spoken at BlackHat, DefCon and the RSA conference. CTF player. Puzzle solver (Cicada 3301, Boxen)

Team ClevCode

Team ClevCode was originally created when me (Joel AKA OwariDa AKA je) and my friends in HackingForSoju decided to try getting two teams into the Codegate 2012 finals in Korea. The decision to split us up in two separate teams turned out to be a bad decision however, since both teams had members with a slightly different skillset. While both teams did well on the exploitation based levels, one team managed the web based levels better and the other did better on the reverse-engineering based ones.

Combined, we actually solved all levels in the competition. A feat managed by only the russian More Smoked Leet Chicken team, that is actually a merge of both the Leet More and Smoked Chicken teams. :) Since we had split up our team in two parts, and both parts managed to solve levels the other one didn’t, it turned out that both teams fell a bit short of qualifying in the end.

Since then, we have started competing as one team again. This time as Team ClevCode. We still use HackingForSoju as a pseudonym on some CTFs, and occasionally we use the pseudonym pwninjas. (UPDATE: We are now back to using only HackingForSoju again) Although we are smaller than most of the other top teams, and even though only a few of us are able to play most of the CTFs we enter, we are doing quite well.

This year (2013), we are currently ranked 5th in the world, according to ctftime.org. The competitions we have focused on the most so far have been Codegate and SECUINSIDE, where we qualified to the finals in South Korea in both cases. In Codegate we got 5th place in the qualifiers and 6th place in the finals, in SECUINSIDE we came in 3rd place in both the qualifiers (out of 1083 registered teams) and the finals.

Since we are a small team to begin with, the finals (where there is a limited number of participating team members) is usually where we get our chance to shine. :)

In the Codegate finals we did very well on the exploitation and reverse-engineering based levels, while falling a bit behind on the forensics and web based levels. Basically, me and kaliman worked on the exploitation based ones, me and hspe worked on the reverse-engineering based ones, none of us liked the forensics and capsl had to do the web based ones all by himself. :D

Although we wanted to do better than 6th place, it still felt pretty good when extremely talented people such as Halvar Flake / Samurai (very well known reverse-engineer, creator of BinNavi, etc), George ‘Geohot’ Hotz / PPP (known for hacking the iPhone and the PS3, among other things) and others came and asked us how we managed to solve the toughest of the exploitation based levels (coge_ftpd) after the finals were over. ;)

In the SECUINSIDE finals me and kaliman were thrilled to see that the finals consisted almost entirely of “pwnables” (exploitation based levels), while capsl and rebel were a bit disappointed by the lack of web based levels, that is their current forte. In fact, there was only _one_ web based level in the entire SECUINSIDE finals. With only about 30 minutes to go in the competition we were in 2nd place, before the korean team 벌레잡이 managed to get past us with just a few points (6070 vs 6058). :)