Writeup

2023

Intigriti's December challenge by protag

Intigriti brings us monthly web challenge with really interesting problems. The Challenge This challenge was mostly the same of the...

SEKAI CTF 2023 - Web Writeups - Frog-WAF and Chunky

SekaiCTF is a Capture The Flag event hosted by Team Project Sekai, with some hardcore members of CTF Community. Web...

corCTF 2023 - harem-scarem write-up

Hello, folks! It’s been a long time since my last write-up and there goes a short one. Harem scarem was...

corCTF 2023 - 3 Web Challenges

corCTF is maintained by the Crusaders of Rust Team. The 2023 edition happened between 28 and 30-JUL. This is a...

UTCTF 2023 - Cracking the Random

UTCTF is maintained by the Information & Systems Security Society at the University of Texas at Austin. Since I’m not...

HackTM CTF 2023 - cs2100 write-up

The Event HackTM CTF was an event hosted by WreckTheLine. It was a really nice event and there were some...

2022

NahamCon EU CTF 2022 - Welcome to Web3!

The event NahamCon EU CTF started on December 16th and lasted 24 hours. It had all the most common types...

RCTF 2022 - Hacking File Uploads

RCTF 2022 is a Jeopardy-style Online Capture The Flag Competition presented by ROIS(Researcher Of In-formation Security). The Champion Team of...

Explorando SQL Injection no INSERT - BHack CTF 2022 - Jogo da Velha - [PT-BR]

Tive o grande prazer de participar do evento de segurança BHack 2022 e ajudar na organização do CTF, incluindo a...

Google CTF 2022 - Segfault Labyrinth

Introduction In this write-up I will describe the journey to finish one of the challenges from Google CTF 2022 called...

WeCTF 2022 - Google Wayback

This is the 3rd edition of WeCTF and this is the only CTF I’m following since the begining - because...

SEETF 2022 - Username Generator

SEETF is a cybersecurity Capture the Flag competition hosted by the Social Engineering Experts CTF team. Altough the name is...

justCTF 2022 - Symple Unzipper - [PT-BR]

O justCTF foi organizado pelo time just Cat The Fish e inclui as categorias mais comuns de desafios, incluindo alguns...

TSJ CTF 2022 - Nimja at Nantou

This was the first edition of TSJ CTF and it was great! There was a lot of hardcore Web Challenges,...

2021

idekCTF 2021 write-ups

The first edition of idekCTF brought some really nice and creative web challenges. We solved almost all of the web...

INTENT CTF 2021 - Writeups (6-in-1)

INTENT Security Research Summit 2021 was founded by security companies CyberArk and Checkmarx and is focused on security research. I...

Hack.lu CTF 2021 - Diamond Safe

Hack.lu CTF was a great surprise for me as a never heard about it before. And it’s rated 94.98! It...

ASISCTF 2021 - ASCII art as a service

ASIS CTF is a heavyweight CTF happening since 2013. The Rating weight on CTFTime for this event is currently 89.22,...

Really Awesome CTF 2021 - Secret Store

This was the second edition of the Really Awesome CTF, organized by a group of UK students, with a shared...

UIUCTF 2021 - yana - Client-side exfiltration

UIUCTF CTF is hosted by the Special interest Group for Computer Security: SIGPwny - at the University of Illinois in...

redpwnCTF 2021 - Requester + Requester Strikes Back

redpwnCTF 2021 is the 3rd edition of a cybersecurity competition hosted by the redpwn CTF team, with some very creative...

Hack-a-Sat 2021 - Tree in the Forest

Hack-a-Sat is a hardcore CTF focused on Satellite Hacking, which is awesome! I didn’t had much time to work on...

WeCTF 2021 - Coin Exchange

Hi everyone! C: After lot of months I’m posting here again! I played the WeCTF 2021(a only-web CTF) with my...

2020

Hack The Box - ServMon

Hi! Let’s go for another writeup from Hack The Box, Servmon machine, level easy. It’s a Windows machine and below...

NahamCon CTF 2020 - Elsa4

Introduction This weekend we played NahamCon CTF 2020 and I decided to log this post-mortem solution that could help future...

2020 Defenit CTF - Some tasks

Introduction This weekend FireShell wasn’t going to play CTFs, so I decided to look at the Defenit CTF by myself....

Byte Bandits CTF 2020 - Look Beyond

Introduction This weekend, we played Byte Bandits CTF and we finished 9th! It was a really good CTF, the level...

Midnight Sun CTF 2020 Quals - pwn2, pwn3 and pwn5

Introduction This weekend we played the Midnight Sun CTF 2020 Quals. There were a lot of nice challenges and good...

Hack the Box - Registry

Nmap nmap 10.10.10.159 -sV -sC -oA scan/stdscan Starting Nmap 7.80 ( https://nmap.org ) at 2020-04-03 08:53 EDT Nmap scan report...

Hack the Box - Forest

This is my first writeup from Hack the Box platform and my first experience with Windows machine, so I hope...

FireShell CTF 2020 - Against the Perfect discord Inquisitor 1 and 2

Hi everyone! C: Discord is one of mosts used communication software in the world that is supported on multiple platforms....

2019

InCTF 2019 - ... --- ...

Description I recently bought a MiBand and started exploring what crazy stuff I can do with it. Maybe this capture...

InCTF 2019 - Fresh From The Oven

Description I have intercepted one of my friends chat. Can you help me in analyzing it? Challenge: Link1 & Link2...

InCTF 2019 - Golden Den

Description The greatest heist in the town is here. Charlie and his gang have managed to enter into this three-way...

InCTF 2019 - s3cur3-r3v

Description Hello, can you reverse this object code for me ??? I would be thankfull to you. challenge.html Solution After...

InCTF 2019 - Notch It Up

Description I and my friend love playing with computers. So one day, my friend hid the flag in his computer...

InCTF 2019 - PHP+1, PHP+1.5 and PHP+2.5

Introduction This write-up is about the challenges PHP+1, PHP+1.5 and PHP+2.5, we were able to solve those three challenges with...

Real World CTF 2019 Quals - Caidanti Part1 and Part 2

Quick Intro and Tools Before describe the challange I’d like to share the tooling that I have used to solve...

Chaos Communication Camp 2019 - CampRE

Description The description of the challenge is clear about what we will have to do: Reverse engineering a .NET Core...

CyBRICS CTF Quals 2019 - Telegram

Description Author: Alexander Menshchikov (n0str) This Telegram bot really loves live face-to-face communication! And it also seems to have some...

CyBRICS CTF Quals 2019 - QShell

Description QShell is running on nc spbctf.ppctf.net 37338 Grab the flag When we connect on the server, we receive the...

CyBRICS CTF Quals 2019 - Paranoid

Description My neighbors are always very careful about their security. For example they’ve just bought a new home Wi-Fi router,...

CyBRICS CTF Quals 2019 - Dock Escape

Description As the name of the challenge implies, we are dealing with some sort of Docker escape and we need...

Asis CTF Quals 2019 - A delicious soup

Hi everyone! C: This is a crypto challenge that I enjoyed a lot and I wanted to make my first...

INS'hAck 2019 - Passthru

Description You’re part of a company security team and the admin has recently enabled interception on the company filtering proxy....

INS'hAck 2019 - You Shall Not Pass

Description One of my friends is a show-off and I don’t like that. Help me find the backdoor he just...

Asis CTF Quals 2019 - Fort Knox

Introduction Let’s imagine a situation where we are analyzing some application that apparently is vulnerable to Server Side Template Injection...

Byte Bandits CTF 2019 - ImgAccess

Description n00b created a super secure website for sharing images. Do you think you can hack it? http://imgaccess.ctf.euristica.in Write-up When...

Sunshine CTF 2019 - The Whole Pkg

Description I’ve stored all of my wrestling strategies in a state-of-the-art secret vault. I even wrote it in nodeJS, can’t...

Sunshine CTF 2019 - Golly Gee Willikers

Someone sent me this weird file and I don’t understand it. It’s freaking me out, this isn’t a game! Please...

Sunshine CTF 2019 - 16-bit-AES

Description Why so small? nc aes.sunshinectf.org 4200 Author: ps_iclimbthings Write-up Short write-up here. The server asked for a word to...

0CTF/TCTF 2019 Quals - zer0lfsr

Description Please enjoy the classical lfsr. zer0lfsr.tar.gz Attachment content chall.py keystream chall.py script from secret import init1,init2,init3,FLAG import hashlib assert(FLAG=="flag{"+hashlib.sha256(init1+init2+init3).hexdigest()+"}")...

0CTF/TCTF 2019 Quals - Ghost Pepper

Description Do you know ghost pepper? Let’s eat. http://111.186.63.207:31337 Write-up Vitor B2e4gl3 started the enumeration of this challenge and was...

EvlzCTF 2019 - Don't Cry

Description: How deep can you go?(0>0) While submitting put the flag in evlz{} Author: Achilles It’s just a JPEG file...

2018

Pwn2Win 2018 - GCM

These were the steps to resolve Pwn2Win 2018’s GCM challenge, a challenge about a critical vulnerability in Python’s cryptography package....

Pwn2Win 2018 - Attack Step [First Flag]

These were the steps to solve the First Flag of Attack Step. We solved this with little time left so...

ASIS CTF Finals 2018 - Gunshop and Gunshop II

One Frida script for two Flags ASIS 2018 Gunshop and Gunshop II challenges were about an Android app. And I...

RITSEC CTF 2018 - PCAP Me If You Can

PCAP Me If You Can (forensics 300) The hackers have written their own protocol for their MALL-ware. Can you figure...

HACKAFLAG 2018 - Etapa São Paulo - Siga a api [PT-BR]

Descrição: Essa misc é um net enrustido, siga o dump até o usário. #sejabonzinho não owne o full stack ;)...

NoxCTF 2018 - Marcode

Description: Marcode (Mr. Code in Hebrew), Ineed your help! I got a movie but I cant see it. It hypnotizes...

HackIT CTF 2018 - PyCry Writeup

This challenge was a teamwork challenge. First, @diofeher discovered that we could run python on the server by sending code...

Tokyo Westerns CTF - Revolutional Secure Angou Writeup

In this challenge we are given an encrypted file, flag.encrypted, a public key publickey.pem, and a prime generator generator.rb. flag.encrypted...

Tokyo Westerns CTF - SimpleAuth Writeup

This challenge when I got it, I did not even know its description, but I really like that kind of...

HACKAFLAG 2018 - Etapa Salvador - FailedBook

Description: do it all you need to get shell Autor: @keerok URL: http://chall.hackaflag.com.br:8664 Below, the main page of chall: Of...

HACKAFLAG 2018 - Etapa Belo Horizonte - Luz [PT-BR]

Descrição: Há uma luz no fim do túnel. Acenda e encontre a saída. Autor: @dr1nKoRdi3 Anexo: challmisc.tar O arquivo challmisc.tar...

TJCTF - Ess Kyoo Ell Writeup

This challenge is interesting, sometimes it does not seem very realistic, but if you take the side of that every...

TJCTF - Request Me Writeup

This challenge is really silly, but what is annoying, is that he was blocking the use of the Burp Suite...

ISITDTU CTF 2018 - Drill Writeup

Description: There is no description, only this link. Downloaded the file named drill and used the cat command. Inside, there...

ISITDTU CTF 2018 - Friss Writeup

This challenge happened this weekend and I enjoyed a lot it’s solving, also got a first blood here :) At...

AsisCTF 2018 - Tokyo

Tokyo Category: Forensics Description: From Tokyo to Tehran with strange packs! Shake It Up 😜 Hint 1: Kyoto Cabinet (This...

AsisCTF 2018 - Trashy or Classy

Description: Don’t be Trashy. Try being Classy!! Downloaded the file and used de file command to check it’s signature: $...

NoNameConCTF - Convert Writeup

Convert 100 If you need to convert something to Markdown, you can try our service: http://convert.nonameconctf2018.xyz This challenge quickly illustrates...

SunshineCTF - Search Box Writeup

“This search engine doesn’t look very secure. Or well coded. Or competent in any way shape or form. This should...

SunshineCTF - Marceau Writeup

“Marceau Hey my friend tells me that the flag is in this site’s source code. Idk how to read that...

SunshineCTF - Home Sweet Home Writeup

Home Sweet Home Looks like this site is doing some IP filtering. That’s very FORWARD thinking of them. Have fun!...

SunshineCTF - Evaluation Writeup

Evaluation Evaluate your life. How are you doing, and are you doing the best you can possibly do? Look deeper...

INS'hAck - Crimemail Writeup

“service, to communicate with his associates. Let’s see if you can hack your way in his account… Hint: his password’s...

Byte Bandits CTF - R3M3MB3R Writeup

The following page was given by the task: Without second thoughts, it’s clear this is about an LFI so I...

N1CTF 2018 - Funning eating cms

a strange online reservation system for restaurants, please hacking it This challenge told us little, just said it was to...

Pragyan CTF - Unfinished Business

This challenge sent to the following page: When I tried to login, the page returned a message that the dashboard...

Pragyan CTF - El33t Articles Hub

This challenge sent us to the following page: After a few attempts at the index.php?file, I opened the source code...

NeverLAN - Don't hate me

This Message just might make you crazy. Lets take a stroll through the cipher history time line New ZIP -------...

NeverLAN - JSON parsing 1

Description The attached file is metadata about one minute’s uploads to VirusTotal. The answer to this puzzle is a comma-separated...

NeverLAN - Cookie Monster

Description http://neverlanctf-challenges-elb-2146429546.us-west-2.elb.amazonaws.com:14098/ 1.A little recon in case you don’t know who is “cookie monster” Google search “cookie monster” It’s a...

NeverLAN - Siths use Ubuntu (Part 1 of 3)

Author: bashninja Description: Ok… So the boss of your company has come to the security team with a problem. His...

2017

CTF Writeups and Tools List to Get You Ready

Another article from Felipe “d4rc0d3x”, now about the world of hacker commits better known as CTF (Capture the Flag). Access...

CSAW 2017 Quals - Serial - [PT-BR]

Challenge Temos um servidor dando para a porta 4239, conectando via nc o servidor retornou o seguinte: nc misc.chal.csaw.io 4239...

WhiteHat Contest 13 - Tuy Hoa

There’s a binary file that checks for a password. $ file re100 re100: ELF 64-bit LSB executable, x86-64, version 1...