Kalmarunionen
Writeups icon
ASIS CTF - xtr BambooFox CTF: The Vault BSidesSF 2021: Log 'em All De Danske Cybermesterskaber: 80s Commitments De Danske Cybermesterskaber: Kuuuurveen FaustCTF 2021 - Attack & Defense - thelostbottle Hack.lu CTF - Nodenb LKVM Escape MidnightSun Quals: kgbfskfsb MidnightSun Quals: Revver Pwn2win - Hackus Qiling Sandbox Escape Real World CTF 4th: Secured Java Sudo Exploit Writeup Union CTF 2021: Cr0wnAir
Become a member
About
  • ASIS CTF - xtr

    Oct 15, 2022 web XSS RCE

    Writeup by: andyandpandy, Anakin Solved by: Fr3d, c3lphie, Anakin, andyandpandy, patriksletmo, ly4k and more Writeup This challenge took us 21 hours to solve. Only 3 out of 524 teams solved it. Overview The challenge included a scenario where we had arbitrary javascript execution on a website. From here we were able to …

    Read More
  • MidnightSun Quals: Revver

    Apr 4, 2022 rev z3

    Revver, Midnight Sun CTF writeup Solved by: zzz, Zopazz Writeup by: Zopazz Description: Automated reversing is a solved problem, right. Writeup General challenge information In this challenge we were provided with a netcat session, which would respond with one of 20 random dynamically generated shellcodes encoded as …

    Read More
  • MidnightSun Quals: kgbfskfsb

    Apr 3, 2022 web race-conditions

    kgbfskfsb, MidnightSun CTF writeup Writeup by: Nigma, nrabulinski Solved by: sebastianpc, Eldar Zeynalli (Hako), nrabulinski, Nigma Description: DeNiS Sergeev wants a secret mission payload… Attachments: kgbfskfsb.tar.gz The challenge description pretty clearly hints towards DNS stuff and sure enough, after …

    Read More
  • Qiling Sandbox Escape

    Jan 24, 2022 clone-and-pwn qiling sandbox-escape

    Writeup by: Oliver Lyak (ly4k) Solved by: Zopazz, Oliver Lyak (ly4k) QLaaS QLaaS (Qiling as a Service) was a Clone-and-Pwn challenge with difficulty Schrödinger (whatever that means). The challenge was solved by 23 out of 947 teams. We are provided with the following attachment: …

    Read More
  • LKVM Escape

    Dec 17, 2021 web race-conditions

    Writeup by: Zanderdk | linkedin Solved by: ZZZ | linkedin, N00byedge | linkedin Indie VMM - HXP 2021 In this challenge we are given a root access to a linux machine running in the linux tools hypervisor and the goal is to escape out of the hypervisor to access the flag file on the host system. During this challenge we …

    Read More
  • Hack.lu CTF - Nodenb

    Oct 30, 2021 web race-conditions

    Writeup by: andyandpandy Solved by: andyandpandy, Hako Writeup The challenge has a race condition vulnerability, where you can delete your user and rapidly after send another request for the flag, which is successful when timed correctly. Description Web challenge Challenge author: pspaul/SonarSource To keep track of …

    Read More
  • FaustCTF 2021 - Attack & Defense - thelostbottle

    Jun 13, 2021 attack-defense game python misc

    Writeup author: Bawstaws The Lost Bottle is the most awesome pirate game. It is about a young pirate, that lost her favorite bottle of old rum. She is now doomed to drink ordinary rum until she finds her bottle. Flags: 2531.00 Tags: rev, misc, game Introduction After discovering that this is a game challenge I quickly …

    Read More
  • De Danske Cybermesterskaber: Kuuuurveen

    May 9, 2021 Crypto

    Writeup by: ChrRaz Kuuuurveen We are given the following challenge description. A client and a server have been communicating the flag over an encrypted channel. Der er en Kuuuuuuuuuuuuuuurveeeeeee, er den ikke smuk? En client og en server kommunikere over en krypteret kommunikationskanal. Se om du ved hjælp af source …

    Read More
  • De Danske Cybermesterskaber: 80s Commitments

    May 9, 2021 Crypto

    Writeup by: ChrRaz 80s Commitments When opening http://80s-commitments.hkn we are greeted with the following page: We are given a public key and a “commitment”. If we enter this commitment into the “reveal” box we get redirected to the following page which shows an embedded youtube video. …

    Read More
  • BSidesSF 2021: Log 'em All

    Mar 20, 2021 c++ use-after-free

    Challenge Description (967 points) Play to win and log ’em all! Once you’ve seen all 151 Asciimon, talk to Professor Jack for the flag. We’ve included some data for the first couple rooms, you’ll have to figure out the rest yourself! nc -v logemall-a2db138b.challenges.bsidessf.net 666 (author: …

    Read More

Recent Posts

  • Welcome to Kalmarunionen
  • ASIS CTF - xtr
  • MidnightSun Quals: Revver
  • MidnightSun Quals: kgbfskfsb
  • Qiling Sandbox Escape
  • Real World CTF 4th: Secured Java
  • LKVM Escape
  • Hack.lu CTF - Nodenb

Categories

WRITEUPS 10 DDC-2021 2 MIDNIGHTSUN 2 BSIDESSF-2021-CTF 1 FAUST-CTF-2021 1 HACK.LU-CTF 1 HXP 1 REAL-CVE 1 REAL-WORLD-CTF 1

Tags

WEB 4 RACE-CONDITIONS 3 CRYPTO 2 ATTACK-DEFENSE 1 C++ 1 CLONE-AND-PWN 1 GAME 1 MISC 1 PYTHON 1 QILING 1 RCE 1 REAL-WORLD 1 REV 1 SANDBOX-ESCAPE 1 SUDO 1 SUNDHEDSKORT 1 USE-AFTER-FREE 1 XSS 1 Z3 1

Copyright KALMARUNIONEN. All Rights Reserved