TJCTF 2026: Minerva's Stopwatch Cryptography Challenge and unfinished-file Forensics Challenge Writeup

A full walkthrough of two TJCTF 2026 challenges across the cryptography and forensics categories. The first challenge, Minerva's Stopwatch, involves exploiting a P-256 ECDSA timing side-channel to set up a Hidden Number Problem instance, then recovering the private key via LLL-based lattice reduction and CVP to decrypt a flag. The second challenge, unfinished-file, involves parsing a partial Chrome download in the crdownload format, locating embedded ZIP data, identifying an obfuscated file entry, and recovering the flag via single-byte XOR. Each writeup includes full solution scripts, beginner-friendly explanations of the underlying techniques, and key takeaways on the cryptographic and forensic weaknesses exploited.

SK-CERT CyberGame 2026: Cryptography Challenges Writeup

A full walkthrough of the SK-CERT CyberGame 2026 cryptography challenges, covering five distinct problems ranging from beginner to advanced. Topics include musical notation substitution ciphers, layered repeating-key XOR with PE reverse engineering, ZipCrypto known-plaintext attacks using bkcrack, an anomalous RSA challenge with an exponent approaching N^4 solved via lattice methods, and a quadratic twist elliptic curve DLP solved with Pohlig-Hellman over smooth-order subgroups. Each writeup includes full solution scripts, beginner-friendly explanations, and key takeaways on the underlying cryptographic weaknesses.

SK-CERT CyberGame 2026: Forensics Challenges Writeup

A complete walkthrough of the SK-CERT CyberGame 2026 forensics category, covering four distinct investigations. The Telemetry challenge decodes a flag geographically encoded in a MAVLink 2.0 drone flight path hidden among honeytoken decoys. The Volatile Incident series tackles a 4.4 GB Linux ELF memory dump - first with a fast strings triage to recover bash history flags, then with a full Volatility 3 setup using a custom dwarf2json symbol table to identify a root-level Python packet sniffer persisted via nohup. The final Windows disk forensics challenge reconstructs a social engineering attack through AD1 image analysis, Chrome and Edge browser history, Outlook OST email parsing, Windows Registry UserAssist, and a password recovered from a public Steam profile - culminating in decryption of an exfiltrated 7zAES-encrypted archive.

SK-CERT CyberGame 2026: Malware Analysis & Reverse Engineering Writeup

A complete walkthrough of the SK-CERT CyberGame 2026 malware analysis and reverse engineering challenges. The Real World challenge dissects a live ransomware decryptor - a self-extracting ELF wrapper around a modified ChaCha20 cipher with custom constants, arithmetic right shifts, and nine double-rounds - requiring RSA private key extraction and manual double-layer decryption. Lesser Less reverse engineers a trojanized ELF pager binary that hides a shell command by matching 2-byte SHA-256 hashes, solved via a 65,536-entry brute-force lookup table. Lock Screen analyzes an Android APK using JADX, discovers a header-dependent XOR keystream on a remote /init endpoint, and extends input length to dump the full repeating flag. Flappy dissects a Rust-compiled WebAssembly credential exfiltration module disguised as a Flappy Bird game, recovering the XOR key via a two-pass known-plaintext attack.

SK-CERT CyberGame 2026: Offensive Security Writeup

A complete walkthrough of the SK-CERT CyberGame 2026 offensive security challenges across binary exploitation and web categories. Ricettoni covers a glibc 2.31 heap challenge with MTE tag bypass, unsorted bin consolidation overlap, and tcache poisoning to overwrite __free_hook with system(). Textweaver tackles a C++ UAF on glibc 2.39 using House of Apple 2 FSOP - poisoning _IO_list_all via safe-linking-aware tcache corruption to achieve RCE through exit(). Two Tower of Hanoi retro challenges exploit a CP/M Z80 emulator: the original via direct TYPE command on the filesystem, the Revenge variant via Monitor ROM bank dumps. ORMT and ORMT2 both exploit Django ORM injection - the first bypassing a recursive clean() sanitizer via depth overflow, the second abusing CVE-2025-64459 (_connector=OR) to authenticate as admin without credentials. The final future.js challenge chains an nginx cache poisoning attack using Shift_JIS charset confusion and nonce reflection to achieve stored XSS and bot cookie exfiltration.

SK-CERT CyberGame 2026: OSINT Challenges Writeup

A complete walkthrough of the SK-CERT CyberGame 2026 OSINT challenges across two distinct series. The Lore of the World series investigates the archived Hermitcraft Season 10 Minecraft world across five challenges - identifying MumboJumbo's starter base, decoding Grian's bureaucracy permit form, naming SmallishBeans' dog via world parsing, extracting precise XYZ coordinates from playerdata NBT files, and locating Rendog's GigaCorp facility by scanning entity data and decoding a ROT13 cipher. The Travellers series tracks a hacktivist group through four real-world geolocation challenges - identifying the Algonquin Centre for Construction Excellence in Ottawa, the Minsk-Arena in Belarus, the Sumavska 67a business district in Brno, and the Erbil Amphitheater in Iraq - then pinpointing the nearest island, building, nightclub, and cafe to each location using satellite imagery and local business data.

0xFUN CTF 2026: Global Jeopardy-Style Cybersecurity Challenge

0xFUN CTF 2026 is a 48-hour online Capture The Flag competition that pits teams and individual players against a series of mixed-difficulty cybersecurity challenges across web exploitation, reverse engineering, cryptography, forensics, OSINT and more. Built to be both approachable for beginners and deep enough to challenge intermediate competitors, this event emphasizes hands-on learning, creative problem-solving, and practical exploitation techniques in a high-pressure, competitive format that mirrors real offensive security work.

NICC 2026 CTF - Namibia International Cybersecurity Conference Write-Up

This write-up documents my full solution path for the NICC CTF 2026, covering all challenge categories including OSINT, Web, Reverse Engineering, PWN, and Industrial Control Systems (ICS). Rather than focusing only on final answers, this write-up emphasizes methodology, attacker mindset, and real-world exploitation logic - from open-source intelligence gathering and web vulnerability chaining to low-level binary analysis and Modbus/TCP memory disclosure in simulated industrial environments.

SWIMMER CTF OSINT Writeup: Advanced Image Forensics, AI Decoy Detection, and Real-World Attribution on open source intelligence.

This writeup presents a comprehensive solution to the SWIMMER OSINT CTF, covering multiple challenges involving image verification, social media OSINT, AI-generated decoy detection, metadata analysis, geolocation, and attribution. The investigation demonstrates how modern OSINT challenges intentionally exploit overreliance on EXIF data and visual assumptions by embedding AIGC fingerprints and misleading context. By combining automated metadata extraction, AI provenance detection, reverse image search, and human-centric reasoning, the correct signals were isolated and verified. This case study highlights practical OSINT techniques required to operate effectively in an era of synthetic media and increasingly deceptive open-source artifacts.

NahamCon Winter CTF

NAHAMCON Winter CTF 2025 kicked off on December 17th at 12:00 PM Pacific Time, bringing together the global security community for a fast-paced, high-signal Capture The Flag competition. With a strong focus on real-world offensive and defensive security skills, the event challenged participants across multiple domains while rewarding precision, speed, and depth of understanding. The competition featured a $2,000+ prize pool, including rewards for the top three teams and a bonus for the first team to complete The Mission, backed by industry sponsors such as Flare Academy, Project-Discovery, YesWeHack, Gray Swan, Snyk, and HackingHub.

P3rf3ctr00t CTF 2025-WRITEUP

In this writeup I walk you through my journey during P3rf3ctr00t CTF 2025 — a 48-hour capture-the-flag marathon organized by p3rf3ctr00t. I break down each challenge I solved: the approach, the mistakes, the wins, and the lessons learned. Whether you’re a first-time CTFer or a seasoned hacker, this writeup aims to give you insight into the problem-solving mindset, the tools, and the strategies that turned chaos into flags.