Incident reports from the field. Each entry documents the attack path, toolset, and key takeaways from completed challenges.
Extracted hidden data from image files → Identified RSA public key and ciphertext → Utilized cryptographic attacks to decrypt the underlying flag.
Analyzed web input field for the "echo" utility → Bypassed client-side sanitization → Injected shell metacharacters (;) to execute arbitrary OS commands and retrieve the hidden flag.
Explored the target system permissions via `sudo -l` → Identified a misconfigured binary that could be executed with root privileges without a password → Abused binary features to drop into a root shell.
Loaded provided system timeline logs and artifacts → Scanned through event histories searching for suspicious timeline changes → Correlated user activity to successfully trace the inserted flag.
Intercepted a binary string provided by the challenge → Converted base-2 (binary) data to base-10 (decimal) and then to ASCII characters → Pieced together the underlying hidden flag format.
Identified a network utility web interface wrapping the system ping command → Injected logical bash operators (&&, |) into the IP field → Achieved Remote Code Execution and retrieved flag.txt.
Decompiled the target executable → Analyzed string comparisons and memory registers → Constructed the correct verification input to extract the flag.
Identified a Caesar/ROT-based cipher text → Iterated through shift values → Successfully exposed the plaintext flag format.
Analyzed multi-layered polyalphabetic cipher → Deduced the key length using Kasiski examination → Applied key to decrypt the ciphertext flag.
Inspected exposed .git repository directory → Navigated through commit history and branches → Recovered deleted files containing the target flag.
Analyzed browser response headers → Forged and injected an outdated admin session cookie → Bypassed authentication to reveal the flag.
Compiled social profiling data into a custom wordlist → Executed dictionary attack against target hash → Successfully cracked the user's password.
Analyzed fractured payload strings across multiple files → Wrote a python script to parse and reassemble the fragments → Executed final output to reveal the flag.
Analyzed a PCAP file containing local network traffic → Extracted SMB protocol traces → Reconstructed an insecurely printed document containing the flag.
Intercepted weak parameters in a Key Exchange sequence → Exploited compromised prime numbers → Calculated the shared secret key to decrypt the payload.
Analyzed obfuscated binary operations → Reverse engineered the byte-manipulation logic step-by-step → Rebuilt the decryption function to unpack the flag.