Flare-On 9 Write-up

Hi there! This year is my first time taking part in Flare-On CTF. This year’s Flare-On was held from 1st October 2022 to 12th November 2022. There are a total of 11 challenges in this year’s Flare-On. Do download and reverse engineer the binary as my write-up doesn’t include screenshots the whole reverse engineering process. […]

SANS Holiday Hack Challenge 2021

Hi everyone! This is a write-up on the recent SANS Holiday Hack Challenge CTF. I hope they will be helpful to you. It is my first time trying out SANS Holiday Hack challenge as they host it yearly. If you haven’t tried it out, the main goal of this CTF is to learn. Hence there […]

HackTheBox – BountyHunter Write-up

Hi everyone! Today’s post is on BountyHunter, an easy GNU/Linux HackTheBox machine. This machine was released on 25 July 2021. This machine requires XML External Entities (XXE) with base64 + URL encoding of the whole XML, base64 filtering to leak file contents. Finally, a custom exploit is needed to exploit an eval() vulnerability in a […]

HackTheBox – Blackhole Write-up

Dear readers, Today’s post is on a HackTheBox Misc challenge, Blackhole, created on 13th July 2018. It is quite uncommon for me to do a write-up on Misc challenges as it is usually puzzle-based and no actual technical computing-related knowledge si involved. However, Blackhole requires knowledge of stenography and ciphertexts. Thus, I decided to do […]