2024
Introduction The FireShell Security Team was responsible for BHack CTF for one more year, and this year was my first...
Intigriti keeps challenging us with XSS fun time, this time with a challenge by CryptoCat. I had a great time...
corCTF is maintained by the Crusaders of Rust Team. The 2024 edition happened between 27/07/2024 and 29/07/2024. As usual, this...
2023
Intigriti brings us monthly web challenge with really interesting problems. The Challenge This challenge was mostly the same of the...
SekaiCTF is a Capture The Flag event hosted by Team Project Sekai, with some hardcore members of CTF Community. Web...
Hello, folks! It’s been a long time since my last write-up and there goes a short one. Harem scarem was...
corCTF is maintained by the Crusaders of Rust Team. The 2023 edition happened between 28 and 30-JUL. This is a...
UTCTF is maintained by the Information & Systems Security Society at the University of Texas at Austin. Since I’m not...
The Event HackTM CTF was an event hosted by WreckTheLine. It was a really nice event and there were some...
2022
The event NahamCon EU CTF started on December 16th and lasted 24 hours. It had all the most common types...
RCTF 2022 is a Jeopardy-style Online Capture The Flag Competition presented by ROIS(Researcher Of In-formation Security). The Champion Team of...
Tive o grande prazer de participar do evento de segurança BHack 2022 e ajudar na organização do CTF, incluindo a...
Introduction In this write-up I will describe the journey to finish one of the challenges from Google CTF 2022 called...
This is the 3rd edition of WeCTF and this is the only CTF I’m following since the begining - because...
SEETF is a cybersecurity Capture the Flag competition hosted by the Social Engineering Experts CTF team. Altough the name is...
O justCTF foi organizado pelo time just Cat The Fish e inclui as categorias mais comuns de desafios, incluindo alguns...
This was the first edition of TSJ CTF and it was great! There was a lot of hardcore Web Challenges,...
2021
The first edition of idekCTF brought some really nice and creative web challenges. We solved almost all of the web...
INTENT Security Research Summit 2021 was founded by security companies CyberArk and Checkmarx and is focused on security research. I...
Hack.lu CTF was a great surprise for me as a never heard about it before. And it’s rated 94.98! It...
ASIS CTF is a heavyweight CTF happening since 2013. The Rating weight on CTFTime for this event is currently 89.22,...
This was the second edition of the Really Awesome CTF, organized by a group of UK students, with a shared...
UIUCTF CTF is hosted by the Special interest Group for Computer Security: SIGPwny - at the University of Illinois in...
redpwnCTF 2021 is the 3rd edition of a cybersecurity competition hosted by the redpwn CTF team, with some very creative...
Hack-a-Sat is a hardcore CTF focused on Satellite Hacking, which is awesome! I didn’t had much time to work on...
Hi everyone! C: After lot of months I’m posting here again! I played the WeCTF 2021(a only-web CTF) with my...
2020
Introduction This weekend we played NahamCon CTF 2020 and I decided to log this post-mortem solution that could help future...
Introduction This weekend FireShell wasn’t going to play CTFs, so I decided to look at the Defenit CTF by myself....
Introduction This weekend, we played Byte Bandits CTF and we finished 9th! It was a really good CTF, the level...
Introduction This weekend we played the Midnight Sun CTF 2020 Quals. There were a lot of nice challenges and good...
Olá a todos! Nos dias 21 e 22 de março de 2020, ocorreu o FireShell CTF 2020 e este post...
Hi everyone! C: Discord is one of mosts used communication software in the world that is supported on multiple platforms....
2019
Description I recently bought a MiBand and started exploring what crazy stuff I can do with it. Maybe this capture...
Description I have intercepted one of my friends chat. Can you help me in analyzing it? Challenge: Link1 & Link2...
Description The greatest heist in the town is here. Charlie and his gang have managed to enter into this three-way...
Description Hello, can you reverse this object code for me ??? I would be thankfull to you. challenge.html Solution After...
Description I and my friend love playing with computers. So one day, my friend hid the flag in his computer...
Introduction This write-up is about the challenges PHP+1, PHP+1.5 and PHP+2.5, we were able to solve those three challenges with...
Quick Intro and Tools Before describe the challange I’d like to share the tooling that I have used to solve...
Description The description of the challenge is clear about what we will have to do: Reverse engineering a .NET Core...
Description Author: Alexander Menshchikov (n0str) This Telegram bot really loves live face-to-face communication! And it also seems to have some...
Description QShell is running on nc spbctf.ppctf.net 37338 Grab the flag When we connect on the server, we receive the...
Description My neighbors are always very careful about their security. For example they’ve just bought a new home Wi-Fi router,...
Description As the name of the challenge implies, we are dealing with some sort of Docker escape and we need...
Hi everyone! C: This is a crypto challenge that I enjoyed a lot and I wanted to make my first...
Description You’re part of a company security team and the admin has recently enabled interception on the company filtering proxy....
Description One of my friends is a show-off and I don’t like that. Help me find the backdoor he just...
Introduction Let’s imagine a situation where we are analyzing some application that apparently is vulnerable to Server Side Template Injection...
Description n00b created a super secure website for sharing images. Do you think you can hack it? http://imgaccess.ctf.euristica.in Write-up When...
Description I’ve stored all of my wrestling strategies in a state-of-the-art secret vault. I even wrote it in nodeJS, can’t...
Someone sent me this weird file and I don’t understand it. It’s freaking me out, this isn’t a game! Please...
Description Why so small? nc aes.sunshinectf.org 4200 Author: ps_iclimbthings Write-up Short write-up here. The server asked for a word to...
Description Please enjoy the classical lfsr. zer0lfsr.tar.gz Attachment content chall.py keystream chall.py script from secret import init1,init2,init3,FLAG import hashlib assert(FLAG=="flag{"+hashlib.sha256(init1+init2+init3).hexdigest()+"}")...
Description Do you know ghost pepper? Let’s eat. http://111.186.63.207:31337 Write-up Vitor B2e4gl3 started the enumeration of this challenge and was...
Description: How deep can you go?(0>0) While submitting put the flag in evlz{} Author: Achilles It’s just a JPEG file...
2018
These were the steps to resolve Pwn2Win 2018’s GCM challenge, a challenge about a critical vulnerability in Python’s cryptography package....
These were the steps to solve the First Flag of Attack Step. We solved this with little time left so...
One Frida script for two Flags ASIS 2018 Gunshop and Gunshop II challenges were about an Android app. And I...
PCAP Me If You Can (forensics 300) The hackers have written their own protocol for their MALL-ware. Can you figure...
Descrição: Essa misc é um net enrustido, siga o dump até o usário. #sejabonzinho não owne o full stack ;)...
Description: Marcode (Mr. Code in Hebrew), Ineed your help! I got a movie but I cant see it. It hypnotizes...
This challenge was a teamwork challenge. First, @diofeher discovered that we could run python on the server by sending code...
In this challenge we are given an encrypted file, flag.encrypted, a public key publickey.pem, and a prime generator generator.rb. flag.encrypted...
This challenge when I got it, I did not even know its description, but I really like that kind of...
Description: do it all you need to get shell Autor: @keerok URL: http://chall.hackaflag.com.br:8664 Below, the main page of chall: Of...
Descrição: Há uma luz no fim do túnel. Acenda e encontre a saída. Autor: @dr1nKoRdi3 Anexo: challmisc.tar O arquivo challmisc.tar...
This challenge is interesting, sometimes it does not seem very realistic, but if you take the side of that every...
This challenge is really silly, but what is annoying, is that he was blocking the use of the Burp Suite...
Description: There is no description, only this link. Downloaded the file named drill and used the cat command. Inside, there...
This challenge happened this weekend and I enjoyed a lot it’s solving, also got a first blood here :) At...
Tokyo Category: Forensics Description: From Tokyo to Tehran with strange packs! Shake It Up 😜 Hint 1: Kyoto Cabinet (This...
Description: Don’t be Trashy. Try being Classy!! Downloaded the file and used de file command to check it’s signature: $...
Convert 100 If you need to convert something to Markdown, you can try our service: http://convert.nonameconctf2018.xyz This challenge quickly illustrates...
“This search engine doesn’t look very secure. Or well coded. Or competent in any way shape or form. This should...
“Marceau Hey my friend tells me that the flag is in this site’s source code. Idk how to read that...
Home Sweet Home Looks like this site is doing some IP filtering. That’s very FORWARD thinking of them. Have fun!...
Evaluation Evaluate your life. How are you doing, and are you doing the best you can possibly do? Look deeper...
“service, to communicate with his associates. Let’s see if you can hack your way in his account… Hint: his password’s...
The following page was given by the task: Without second thoughts, it’s clear this is about an LFI so I...
a strange online reservation system for restaurants, please hacking it This challenge told us little, just said it was to...
This challenge sent to the following page: When I tried to login, the page returned a message that the dashboard...
This challenge sent us to the following page: After a few attempts at the index.php?file, I opened the source code...
This Message just might make you crazy. Lets take a stroll through the cipher history time line New ZIP -------...
Description The attached file is metadata about one minute’s uploads to VirusTotal. The answer to this puzzle is a comma-separated...
Description http://neverlanctf-challenges-elb-2146429546.us-west-2.elb.amazonaws.com:14098/ 1.A little recon in case you don’t know who is “cookie monster” Google search “cookie monster” It’s a...
Author: bashninja Description: Ok… So the boss of your company has come to the security team with a problem. His...
2017
Another article from Felipe “d4rc0d3x”, now about the world of hacker commits better known as CTF (Capture the Flag). Access...
Challenge Temos um servidor dando para a porta 4239, conectando via nc o servidor retornou o seguinte: nc misc.chal.csaw.io 4239...
There’s a binary file that checks for a password. $ file re100 re100: ELF 64-bit LSB executable, x86-64, version 1...