mis4nthr0pia

Challenge Overview A dice-based gambling game where you start with $800 and need to reach $10,000 to buy the flag. The game allows you to: Key Files The Vulnerability Provably Fair System Gone Wrong The game implements a “provably fair” dice system where: The Critical Flaw Python’s random module uses the Mersenne Twister (MT19937) PRNG,…

1. Introduction We are tasked with analyzing a packet capture (final.pcapng) for Team K\&K. They suspect data is being stolen. Our job is to find out what was taken and retrieve the flag. 2. identifying the Exfiltration (The “What”) The first step is to filter the noise. Since most data theft happens over the web,…

Can you help Han Shangyan win the lottery? We are provided with a Bash script that simulates a lottery game. Here is the source code: The Vulnerabilities There are two distinct vulnerabilities that, when chained together, allow for Remote Code Execution (RCE). A. Regex Bypass The script attempts to validate the input using a Regular…

We made an encryption service. We forgot to make the decryption though.\As compensation we are giving free encrypted flags. The service allows users to submit plaintexts, which are then encrypted using AES-CBC with a user-supplied key. As a bonus, the flag is appended to the plaintext and encrypted as well. Provided Files enc.py run.sh Vulnerability…

People said gets is not safe, but I think I figured out how to make it safe. Buffer overflows are a classic vulnerability, but sometimes CTF authors add little “security checks” to trip you up. In this challenge, Baby bof, the author claimed they made the dangerous gets() function safe. Spoiler alert: they didn’t. Here…

Difficulty: Hard but Fun 1. Challenge Overview We are given a Flask application that mimics a login portal. The goal is to access the internal /home route and read the flag using the /readflag binary. The Obstacles: 2. Vulnerability Analysis The WAF (No Quotes, No Periods) The WAF makes standard attacks impossible. The “Swallow” (SQL…

Difficulty: Hard but Fun 1. Challenge Overview We are given a Flask web application with the following source files: The Goal: We need to execute the /readflag binary to get the flag. The Obstacles: 2. Vulnerability Analysis The SQL Injection (The “Swallow”) The application constructs the SQL query using Python f-strings, which is vulnerable to…

1. Challenge Overview In this challenge, we encounter a web application built with Python (Flask) and a MySQL database. Our goal is to read the flag located at /root/flag.txt. However, we cannot access the file system directly; we need to find a way to trick the server into executing a command for us. This challenge…

Challenge Overview This CTF challenge presents an eBPF-based network firewall that filters TCP traffic for the keyword “flag” and the character ‘%’. The objective is to retrieve a flag from an nginx web server at 35.227.38.232:5000 serving /flag.html. Vulnerability Analysis Firewall Implementation The firewall is implemented as an eBPF program (firewall.c) attached to both ingress and egress TC…

Challenge Overview The challenge presents a scenario where a protest against soaring housing prices (gentrification) occurred in Mexico City in July 2025. We are given a link to a Jiji Press article (referenced as 2025070500264) featuring a photo of a vandalized store. The goal is to identify the store and find its opening date (local time) in YYYY/MM/DD format. Initial Assumptions…