Skip to content

ksaweryr/ctf-writeups

BranchesTags

Repository files navigation

CTF Writeups

This repository contains writeups I've made to some of the challenges from CTFs in which I participated.

2026

PascalCTF

Name Category Tags
Packet Tracer 2 pwn heap grooming

2025

ECSC Polish qualifier

Name Category Tags
Sanity check misc -
Warmup: Web web, warmup SQL injection
Warmup: Crypto crypto, warmup block cipher, nonce reuse
Warmup: RE re, warmup -
Warmup: Pwn pwn, warmup stack overflow, ret2win
GET my POST web HTTP redirect
MySchool web MySQL
Photo Archiver web DNS
Easy MFA web, crypto randcrack
Levelled MFA web, crypto LCG, LLL
CERTLE web XSS
Yet Another WAF web, re parser differentials
re-crackme re z3
Quine re VM
Sneaky Train re -
SHA-CTR crypto hash extension, known plaintext
Enter the Matrix crypto LLL
kumbukumbu crypto, re, web obfuscation, RSA
Caller misc C
Maze Runner misc sandbox escape
Flag Guardian misc LLM

2024

openECSC - Round 2

Name Category Tags
Anti-rev rev angr
Blind maze misc pcap
MathMAC crypto math, modular arithmetic
Random Noise misc FSK, checksums
Revenge of the Blind maze misc pcap
WOauth a laundry! web server side XSS
Yet another guessing game pwn buffer overflow, ROP, GOT

Crypto CTF

Name Category Tags
Honey crypto HNP-2H
Melek crypto SSS

ECSC Polish qualifier

Name Category Tags
Sanity check misc, warmup -
nWAF web JWT, WAF, bruteforce
Just Wonderful Turtles web JWT, SSTI, incorrect sanitization
DoggoWorld web HTTP basics
S69 web reflected XSS
1FA web incorrect authentication
CPU goes brrr re LFSR, optimization
Magiczna cat re JavaScript, bruteforce
Semantic Security crypto off-by-one
confidentialAlchemy crypto known plaintext, bruteforce
Weathermaster pwn JavaScript, command injection, CVE, LFI
Office Retribution forensics memory dump, volatility
The zettabyte file search forensics disk dump, file recovery
Over The Domain stegano DNS data exfiltration
notCrypto misc off-by-one

SunshineCTF

Name Category Tags
Build A Flag Workshop reversing C, md5
Flag Shop pwn buffer overflow, format string
Welcome to the Jungle! pwn UAF, tcache poisoning, ROP, ret2libc
heap01 pwn tcache, ret2win
Titusville I-95 (speedrun pwn) ROP
Jupiter I-95 (speedrun pwn) format string, GOT

N1CTF

Name Category Tags
N0TR5A crypto RSA, LLL

2023

ECSC Polish qualifier

Name Category Tags
Sanity check misc, warmup -
Flag Bearer web JWT
e-PUŁAP web SQL injection
Bad CA web LFI, x509
Complex Base Injection web LFI, privilege escalation
Fileless re Windows, PowerShell, C#, process injection
Multicast crypto RSA, egcd
trollface stegano LSB steganography
Baby thandbox misc, pwn LISP, command injection

2022

ECSC Polish qualifier

Name Category Tags
Kolska Leaks web LFI
Cat Blag web git, SQL injection, PHP, webshell
SEALed communication re C#, pcap
Shifting crypto known plaintext, maths
Visual Steganography stegano visual secret sharing

LIT CTF

Name Category Tags
A ROCk crypto ROCA
Running Up That Hill crypto Hill cipher
CodeTiger orz Is Meta misc EXIF data
Geoguessr Warm-up misc OSINT
Geoguessr Normal Mode misc OSINT
kirby!!! misc audio steganography, spectrogram
Sussy Amogus misc PowerShell, malware
Trash Royale misc PyInstaller
save_tyger pwn buffer overflow
save_tyger2 pwn buffer overflow
waifu pwn format string
addition rev angr
codetiger-orz rev obfuscation
math test rev C
minimalist rev angr
not assembly rev assembly
Among Us web HTTP headers
Amy The Hedgehog web SQL injection
EYANGCH Fan Art Maker web XML
EYANGCH Fan Art Maker 2.0 web XML
Flushed Emoji web Flask, SSTI, SQL injection
Guess The Pokemon web SQL injection
Kevin's Cookies web bruteforce
Personal Website web source code
Secure Website web side-channel, timing attack

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages