Skip to content

splitline/My-CTF-Challenges

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

41 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

My CTF Challenges

HITCON CTF

2023 Quals

write-up

Challenge Category Description
Sharer web XSS and CSRF with Signed Exchange (SXG) feature.
AMF web, misc Find an RCE gadget in Py3AMF

2022 Quals

write-up

Name Category Description
🎲 RCE web Warmup Challenge
πŸ’£ Self Destruct Message web XSS
🎧 S0undCl0ud web Python generator, mimetypes library
πŸ“ƒ web2pdf web mpdf 0-day
V O I D misc Using OOB bytecodes to escape PyJail
πŸ₯’ Picklection misc Pickle Jail

Balsn CTF

2023

Name Category Description
Memes web imagepng + FTP PASV SSRF

TSJ CTF 2022

Name Category Description
Genie Web, Crypto Genie.jl 0-day, Julia deserialization, Bit flipping
Avatar Web Redis SSRF, CRLF injection, POP chain
Welcome to TSJ CTF Web, Misc, CSC .DS_Store, Guessing

AIS3 EOF CTF

2023 Final

Name Category Description
WoW KoH Web-based 2D battle royale game

2023 Quals

Name Category Description
Monsieur de Paris Misc Python multiprocessing RPC (pickle)

2022 Final

Name Category Description
npy viewer Web 0-day in jpickle
Imgura Final Web, A&D PHP A&D challenge

2022 Quals

Name Category Description
SSRF challenge or not? Web file://, signed pickle cookie, Bottle
Happy Metaverse Year Web Union+blind based SQLi
babyphp Web .htaccess, php://filters chain
GistMD Web JSONP, DOM clobbering
Imgura album Web Path traversal, PHP session , POP chain in Flight framework
PM Web FPM SSRF
LeetCall Misc Write Python with only Call, Name and Constant nodes
babyheap Misc argument injection (wget, zip)

2021 Quals

Name Category Keywords
WTF Web php wrapper, file command
CYBERPUNK 1977 Web SQL injection, quine, python format string
CTF Note Web prototype pollution (gadget in markdown-js), DOM clobbering, RPO
3DUSH3LL Misc Pyjail

2021 Final

All of my challenges in this CTF are related to Python XD

Name Category Keywords
Pikora Misc PPC but use pickle
Cat Translator Misc Troll, PyJail
Cat Slayer Reverse Python bytecode (pvc)

AIS3 Pre-Exam

2022

Name Category Description
Double AES Crypto OFB(ECB(data)), cut & paste, JSON
ASTJail Misc PyJail
TariTari Web Warmup, path traversal, command injection
Best Login UI Web NoSQL injection
Emoji DB Web SQL Server SQL injection
Gallery Web Upload SVG to XSS, default-src 'self'

2021

Web | Reverse | Misc

Name Category Keywords
🐰 Peekora πŸ₯’ Reverse Pickle Bytecode
ⲩⲉⲧ β²β²›β²Ÿβ²§β²β²‰κž… π“΅β²Ÿπ“°β²“β²› ⲣⲁ𝓰ⲉ Web JSON injection
【5/22 ι‡θ¦ε…¬ε‘Šγ€‘ Web LFI, SQL injection, Command injection
XSS Me Web XSS with length limit
Cat Slayerᴡⁿᡛᡉʳ˒ᡉ Web Java Deserialization, Reflection
Cat Slayer | Cloud Edition Misc Pickle, ECB Cut&Paste
Cat Slayer | Online Edition Misc Game, Python Sandbox

About

🏴 🏴 🏴

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published