Kalmarunionen
Writeups icon
ASIS CTF - xtr BambooFox CTF: The Vault BSidesSF 2021: Log 'em All De Danske Cybermesterskaber: 80s Commitments De Danske Cybermesterskaber: Kuuuurveen FaustCTF 2021 - Attack & Defense - thelostbottle Hack.lu CTF - Nodenb LKVM Escape MidnightSun Quals: kgbfskfsb MidnightSun Quals: Revver Pwn2win - Hackus Qiling Sandbox Escape Real World CTF 4th: Secured Java SekaiCTF 2023 - Leakless Note Sudo Exploit Writeup Union CTF 2021: Cr0wnAir
Become a member
About
  • SekaiCTF 2023 - Leakless Note

    Sep 5, 2023 Web Advanced web XSS XS-Search

    Introduction We (Kalmarunionen) firstblooded the Leakless Note challenge during the SekaiCTF 2023. Only four teams solved the challenge during the competition. This is our write-up of the working - yet, unintended solution. TL;DR: We open 50 tabs and can use the timing difference from an iframe CSP violation in the …

    Read More
  • DEF CON CTF 2023 Qualifiers - IFUCKUP

    Aug 5, 2023 rev crypto pwn

    Summary This is a detailed writeup for the “IFUCKUP” challenge at the DEF CON CTF 2023 Qualifiers that I solved together with several team members from Norsecode (a collaboration of several CTF teams, including Kalmarunionen). The challenge binary that had to be exploited permits a buffer overflow on the …

    Read More
  • zer0pts CTF 2023 - Unlimited Braid Works

    Jul 17, 2023 crypto

    Summary This is a writeup for the “Unlimited Braid Works” challenge by mitsu at zer0pts CTF 2023. This challenge involved non-commutative group theory, and in particular braid groups. We were the first team to solve this challenge, which 6 teams solved in total. Solved by: shalaamum Writeup by: shalaamum …

    Read More
  • Codegate CTF 2023 Preliminary - anti Kerckhoffs

    Jul 13, 2023 crypto

    Summary This is a writeup for the “anti Kerckhoffs” challenge at the Codegate 2023 Preliminaries. This challenge was built around basic abstract algebra, exploiting e.g. that evaluation of quadratic polynomials is not bijective and information about them can be recovered by comparing the cardinality of …

    Read More
  • m0leCon Teaser 2023 - babyPQ

    May 18, 2023 crypto

    Summary This is a writeup for the “babyPQ” challenge by mr96 at m0leCon Teaser 2023. We were the first team to solve this challenge, with a total of 7 solves. This challenge involved lots of probabilities; there was a Feistel cipher involving S-boxes whose output bits satisfy a linear relation with high …

    Read More
  • m0leCon Teaser 2023 - Collisions

    May 18, 2023 crypto

    Summary This is a writeup for the “Collisions” challenge by mr96 at m0leCon Teaser 2023. We were the first team to solve this challenge, which had a total of 4 solves. In this challenge we had to find a second preimage for a custom hash function. Solution by: shalaamum Writeup by: shalaamum Writeup first …

    Read More
  • ångstromCTF 2023 - snap circuits

    May 3, 2023 crypto

    Summary This challenge used garbled circuits. They have a cryptographic application, which is however irrelevant for understanding this challenge and solution. Essentially we get the bits of the flag xored by random key we do not know, but we can also define some logical gates that take the flag bits as inputs, and get …

    Read More
  • ASIS CTF - xtr

    Oct 15, 2022 web XSS RCE

    Writeup by: andyandpandy, Anakin Solved by: Fr3d, c3lphie, Anakin, andyandpandy, patriksletmo, ly4k and more Writeup This challenge took us 21 hours to solve. Only 3 out of 524 teams solved it. Overview The challenge included a scenario where we had arbitrary javascript execution on a website. From here we were able to …

    Read More
  • MidnightSun Quals: Revver

    Apr 4, 2022 rev z3

    Revver, Midnight Sun CTF writeup Solved by: zzz, Zopazz Writeup by: Zopazz Description: Automated reversing is a solved problem, right. Writeup General challenge information In this challenge we were provided with a netcat session, which would respond with one of 20 random dynamically generated shellcodes encoded as …

    Read More
  • MidnightSun Quals: kgbfskfsb

    Apr 3, 2022 web race-conditions

    kgbfskfsb, MidnightSun CTF writeup Writeup by: Nigma, nrabulinski Solved by: sebastianpc, Eldar Zeynalli (Hako), nrabulinski, Nigma Description: DeNiS Sergeev wants a secret mission payload… Attachments: kgbfskfsb.tar.gz The challenge description pretty clearly hints towards DNS stuff and sure enough, after …

    Read More
    • ««
    • «
    • 1
    • 2
    • »
    • »»

Recent Posts

  • Welcome to Kalmarunionen
  • SekaiCTF 2023 - Leakless Note
  • DEF CON CTF 2023 Qualifiers - IFUCKUP
  • zer0pts CTF 2023 - Unlimited Braid Works
  • Codegate CTF 2023 Preliminary - anti Kerckhoffs
  • m0leCon Teaser 2023 - babyPQ
  • m0leCon Teaser 2023 - Collisions
  • ångstromCTF 2023 - snap circuits

Categories

WRITEUPS 17 DDC-2021 2 MIDNIGHTSUN 2 BSIDESSF-2021-CTF 1 FAUST-CTF-2021 1 HACK.LU-CTF 1 HXP 1 REAL-CVE 1 REAL-WORLD-CTF 1 SEKAICTF-2023 1

Tags

CRYPTO 8 WEB 5 RACE-CONDITIONS 3 REV 2 XSS 2 ADVANCED-WEB 1 ATTACK-DEFENSE 1 C++ 1 CLONE-AND-PWN 1 GAME 1 MISC 1 PWN 1 PYTHON 1 QILING 1 RCE 1 REAL-WORLD 1 SANDBOX-ESCAPE 1 SUDO 1 SUNDHEDSKORT 1 USE-AFTER-FREE 1 XS-SEARCH 1 Z3 1

Copyright KALMARUNIONEN. All Rights Reserved