UofTCTF 2026 – Encryption Service

We made an encryption service. We forgot to make the decryption though. As compensation we are giving free encrypted flags. The service allows users to submit plaintexts, which are then encrypted using AES-CBC with a user-supplied key. As a bonus, the flag is appended to the plaintext and encrypted as well. Provided Files enc.py run.sh Vulnerability …

UofTCTF 2026 – Baby bof

People said gets is not safe, but I think I figured out how to make it safe. Buffer overflows are a classic vulnerability, but sometimes CTF authors add little “security checks” to trip you up. In this challenge, Baby bof, the author claimed they made the dangerous gets() function safe. Spoiler alert: they didn’t. Here …

UofTCTF 2026 – No Quotes 3

Difficulty: Hard but Fun 1. Challenge Overview We are given a Flask application that mimics a login portal. The goal is to access the internal /home route and read the flag using the /readflag binary. The Obstacles: 2. Vulnerability Analysis The WAF (No Quotes, No Periods) The WAF makes standard attacks impossible. The “Swallow” (SQL …

UofTCTF 2026 – No Quotes 2

Difficulty: Hard but Fun 1. Challenge Overview We are given a Flask web application with the following source files: The Goal: We need to execute the /readflag binary to get the flag. The Obstacles: 2. Vulnerability Analysis The SQL Injection (The “Swallow”) The application constructs the SQL query using Python f-strings, which is vulnerable to …

UofTCTF 2026 – No Quotes

1. Challenge Overview In this challenge, we encounter a web application built with Python (Flask) and a MySQL database. Our goal is to read the flag located at /root/flag.txt. However, we cannot access the file system directly; we need to find a way to trick the server into executing a command for us. This challenge …

UofTCTF 2026 – Firewall

Challenge Overview This CTF challenge presents an eBPF-based network firewall that filters TCP traffic for the keyword “flag” and the character ‘%’. The objective is to retrieve a flag from an nginx web server at 35.227.38.232:5000 serving /flag.html. Vulnerability Analysis Firewall Implementation The firewall is implemented as an eBPF program (firewall.c) attached to both ingress and egress TC …

SWIMMER OSINT CTF 2026 – rage

Challenge Overview The challenge presents a scenario where a protest against soaring housing prices (gentrification) occurred in Mexico City in July 2025. We are given a link to a Jiji Press article (referenced as 2025070500264) featuring a photo of a vandalized store. The goal is to identify the store and find its opening date (local time) in YYYY/MM/DD format. Initial Assumptions …

SWIMMER OSINT CTF 2026 – lattice_tower

Challenge Overview We are presented with a scenario involving a lattice tower of a communications facility that was damaged during an earthquake in Japan in December 2025. The objective is to identify the official technical name of this facility as a communications hub (its Shuyokyoku or “Accommodation Station” name), which differs from the common name reported in news articles. Initial Assumptions …