Kalmarunionen is a Capture The Flag (CTF) team within cybersecurity. We hack stuff and this is our website. Occasionally we also post writeups and tutorials on how we solved different cybersecurity challenges.
You can always check our world ranking here.
Writeup by: andyandpandy, Anakin
Solved by: Fr3d, c3lphie, Anakin, andyandpandy, patriksletmo, ly4k and more
Writeup This challenge took us 21 hours to solve. Only 3 out of 524 teams solved it.
Revver, Midnight Sun CTF writeup Solved by: zzz, Zopazz
Writeup by: Zopazz
Automated reversing is a solved problem, right.
Writeup General challenge information In this challenge we were provided with a netcat session, which would respond with one of 20 random dynamically generated shellcodes encoded as …
Writeup by: Oliver Lyak (ly4k)
Solved by: Zopazz, Oliver Lyak (ly4k)
QLaaS QLaaS (Qiling as a Service) was a Clone-and-Pwn challenge with difficulty Schrödinger (whatever that means). The challenge was solved by 23 out of 947 teams.
We are provided with the following attachment: …
Writeup by: Nicolai Søborg
Solved by: Nicolai Søborg, Rasmus Have
This year we managed to land a 13 place, again! (which is really a shame as top 12 gets swag …)
Secured Java The challenge is a single python file that allows you to “run untrusted Java in a safe way”.
The code boils down to:
Writeup by: Zanderdk | linkedin
Solved by: ZZZ | linkedin, N00byedge | linkedin
Indie VMM - HXP 2021 In this challenge we are given a root access to a linux machine running in the linux tools hypervisor and the goal is to escape out of the hypervisor to access the flag file on the host system. During this challenge we …
Writeup by: andyandpandy
Solved by: andyandpandy, Hako
Writeup The challenge has a race condition vulnerability, where you can delete your user and rapidly after send another request for the flag, which is successful when timed correctly.
Description Web challenge
Challenge author: pspaul/SonarSource
To keep track of …
Writeup by: andyandpandy
Solved by: andyandpandy, eskildsen, 2by4
Writeup This is most likely an unintended solution.
TL;DR: Create a note with two iframes. First iframe gets /s/secret-note, second gets from evil.com, which returns a html page where another iframe is loaded based on an 0-day …
Writeup author: Bawstaws
The Lost Bottle is the most awesome pirate game. It is about a young pirate, that lost her favorite bottle of old rum. She is now doomed to drink ordinary rum until she finds her bottle. Flags: 2531.00
Tags: rev, misc, game
Introduction After discovering that this is a game challenge I quickly …