Articles | FireShell Security Team

Articles

2025

May 03, 2025 - UMD CTF 2025 - Web Writeups

2024

Dec 05, 2024 - Bypassing freeRASP Callbacks - Flag Validator Write Up - CTF BHack 2024
Aug 14, 2024 - Intigriti's August challenge by CryptoCat
Aug 14, 2024 - corCTF 2024 - Challenge Dev write-up

2023

Dec 20, 2023 - Intigriti's December challenge by protag
Sep 07, 2023 - SEKAI CTF 2023 - Web Writeups - Frog-WAF and Chunky
Aug 06, 2023 - corCTF 2023 - harem-scarem write-up
Aug 03, 2023 - corCTF 2023 - 3 Web Challenges
Mar 20, 2023 - The Dangers of Exposed Azure Blobs
Mar 17, 2023 - UTCTF 2023 - Cracking the Random
Mar 01, 2023 - Mining Takeovers for Fun and Profit
Feb 19, 2023 - HackTM CTF 2023 - cs2100 write-up

2022

Dec 19, 2022 - NahamCon EU CTF 2022 - Welcome to Web3!
Dec 10, 2022 - RCTF 2022 - Hacking File Uploads
Dec 10, 2022 - Explorando SQL Injection no INSERT - BHack CTF 2022 - Jogo da Velha - [PT-BR]
Aug 09, 2022 - Google CTF 2022 - Segfault Labyrinth
Jun 20, 2022 - WeCTF 2022 - Google Wayback
Jun 20, 2022 - SEETF 2022 - Username Generator
Jun 13, 2022 - justCTF 2022 - Symple Unzipper - [PT-BR]
Feb 28, 2022 - TSJ CTF 2022 - Nimja at Nantou

2021

Dec 20, 2021 - idekCTF 2021 write-ups
Nov 16, 2021 - INTENT CTF 2021 - Writeups (6-in-1)
Nov 02, 2021 - Hack.lu CTF 2021 - Diamond Safe
Oct 28, 2021 - ASISCTF 2021 - ASCII art as a service
Aug 26, 2021 - Really Awesome CTF 2021 - Secret Store
Aug 03, 2021 - UIUCTF 2021 - yana - Client-side exfiltration
Jul 25, 2021 - redpwnCTF 2021 - Requester + Requester Strikes Back
Jul 05, 2021 - Hack-a-Sat 2021 - Tree in the Forest
Jun 21, 2021 - WeCTF 2021 - Coin Exchange
Jan 05, 2021 - Execution After Redirect (EAR)

2020

Jul 04, 2020 - Hack The Box - ServMon
Jun 14, 2020 - NahamCon CTF 2020 - Elsa4
Jun 07, 2020 - 2020 Defenit CTF - Some tasks
Apr 16, 2020 - Reversing a Javascript Malware
Apr 12, 2020 - Byte Bandits CTF 2020 - Look Beyond
Apr 04, 2020 - Writing a shellcode for MIPS32
Apr 04, 2020 - Midnight Sun CTF 2020 Quals - pwn2, pwn3 and pwn5
Apr 04, 2020 - Hack the Box - Registry
Apr 02, 2020 - FireShell CTF 2020 - [PT-BR]
Mar 31, 2020 - Hack the Box - Forest
Mar 30, 2020 - FireShell CTF 2020 - Against the Perfect discord Inquisitor 1 and 2

2019

Nov 20, 2019 - Hack 'N' Routers - Vulnerabilidades comuns em roteadores domésticos - [PT-BR]
Sep 26, 2019 - InCTF 2019 - ... --- ...
Sep 25, 2019 - InCTF 2019 - Fresh From The Oven
Sep 25, 2019 - InCTF 2019 - Golden Den
Sep 25, 2019 - InCTF 2019 - s3cur3-r3v
Sep 24, 2019 - InCTF 2019 - Notch It Up
Sep 23, 2019 - InCTF 2019 - PHP+1, PHP+1.5 and PHP+2.5
Sep 20, 2019 - Real World CTF 2019 Quals - Caidanti Part1 and Part 2
Aug 26, 2019 - Chaos Communication Camp 2019 - CampRE
Jul 25, 2019 - CyBRICS CTF Quals 2019 - Telegram
Jul 23, 2019 - CyBRICS CTF Quals 2019 - QShell
Jul 22, 2019 - CyBRICS CTF Quals 2019 - Paranoid
Jul 21, 2019 - CyBRICS CTF Quals 2019 - Dock Escape
Jul 11, 2019 - Asis CTF Quals 2019 - A delicious soup
May 07, 2019 - INS'hAck 2019 - Passthru
May 06, 2019 - INS'hAck 2019 - You Shall Not Pass
Apr 25, 2019 - Asis CTF Quals 2019 - Fort Knox
Apr 24, 2019 - Processo Seletivo FireShell Security Team - [PT-BR]
Apr 13, 2019 - Byte Bandits CTF 2019 - ImgAccess
Apr 09, 2019 - SSRF Tips: SSRF in Microsoft’s Bing Webmaster Central
Apr 02, 2019 - Sunshine CTF 2019 - The Whole Pkg
Apr 02, 2019 - Sunshine CTF 2019 - Golly Gee Willikers
Mar 31, 2019 - Sunshine CTF 2019 - 16-bit-AES
Mar 29, 2019 - 0CTF/TCTF 2019 Quals - zer0lfsr
Mar 29, 2019 - 0CTF/TCTF 2019 Quals - Ghost Pepper
Feb 17, 2019 - $1.000 SSRF in Slack
Feb 03, 2019 - EvlzCTF 2019 - Don't Cry

2018

Dec 06, 2018 - Pwn2Win 2018 - GCM
Dec 03, 2018 - Pwn2Win 2018 - Attack Step [First Flag]
Nov 26, 2018 - ASIS CTF Finals 2018 - Gunshop and Gunshop II
Nov 19, 2018 - RITSEC CTF 2018 - PCAP Me If You Can
Sep 18, 2018 - HACKAFLAG 2018 - Etapa São Paulo - Siga a api [PT-BR]
Sep 17, 2018 - NoxCTF 2018 - Marcode
Sep 10, 2018 - HackIT CTF 2018 - PyCry Writeup
Sep 03, 2018 - Tokyo Westerns CTF - Revolutional Secure Angou Writeup
Sep 01, 2018 - Tokyo Westerns CTF - SimpleAuth Writeup
Aug 27, 2018 - HACKAFLAG 2018 - Etapa Salvador - FailedBook
Aug 27, 2018 - HACKAFLAG 2018 - Etapa Belo Horizonte - Luz [PT-BR]
Aug 09, 2018 - TJCTF - Ess Kyoo Ell Writeup
Aug 09, 2018 - TJCTF - Request Me Writeup
Jul 29, 2018 - ISITDTU CTF 2018 - Drill Writeup
Jul 29, 2018 - ISITDTU CTF 2018 - Friss Writeup
Jun 13, 2018 - [CVE-2018-12254] SQL Injection Joomla Component
May 08, 2018 - AsisCTF 2018 - Tokyo
May 02, 2018 - AsisCTF 2018 - Trashy or Classy
Apr 24, 2018 - NoNameConCTF - Convert Writeup
Apr 10, 2018 - SunshineCTF - Search Box Writeup
Apr 10, 2018 - SunshineCTF - Marceau Writeup
Apr 10, 2018 - SunshineCTF - Home Sweet Home Writeup
Apr 10, 2018 - SunshineCTF - Evaluation Writeup
Apr 10, 2018 - INS'hAck - Crimemail Writeup
Apr 10, 2018 - Byte Bandits CTF - R3M3MB3R Writeup
Apr 02, 2018 - Contatos de e-mail na mira do cibercrime brasileiro - [PT-BR]
Mar 12, 2018 - N1CTF 2018 - Funning eating cms
Mar 04, 2018 - Pragyan CTF - Unfinished Business
Mar 03, 2018 - Pragyan CTF - El33t Articles Hub
Mar 01, 2018 - NeverLAN - Don't hate me
Feb 27, 2018 - NeverLAN - JSON parsing 1
Feb 27, 2018 - NeverLAN - Cookie Monster
Feb 27, 2018 - NeverLAN - Siths use Ubuntu (Part 1 of 3)

2017

Nov 23, 2017 - [CVE-2017-16919] MapOS Stored Cross-site Scripting (XSS) - [PT-BR]
Oct 24, 2017 - Restricted Linux Shell Escaping Techniques
Oct 24, 2017 - Bug Bounty Programs for Fun and for Profit
Oct 13, 2017 - [CVE-2017-15287] Vulnerability XSS - Dreambox - [PT-BR]
Oct 13, 2017 - Pentesting Vulnerable Study Frameworks Complete List
Oct 13, 2017 - CTF Writeups and Tools List to Get You Ready
Oct 12, 2017 - CSAW 2017 Quals - Serial - [PT-BR]
Oct 12, 2017 - e-Safer and CA CTF
Sep 07, 2017 - [CVE-2017-14219] XSS NO ROTEADOR INTELBRAS WRN 240 - [PT-BR]
May 28, 2017 - WhiteHat Contest 13 - Tuy Hoa