# 2021 - [hxp CTF 2021](https://ctf.zeyu2001.com/2021/hxp-ctf-2021.md) - [HTX Investigator's Challenge 2021](https://ctf.zeyu2001.com/2021/htx-investigators-challenge-2021.md) - [Metasploit Community CTF](https://ctf.zeyu2001.com/2021/metasploit-community-ctf.md): Hosted by Rapid7 from 4 Dec to 7 Dec 2021 - [MetaCTF CyberGames](https://ctf.zeyu2001.com/2021/metactf-cybergames.md): MetaCTF's 7th annual virtual jeopardy-style CTF, held from 4 Dec to 6 Dec 2021 - [Look, if you had one shot](https://ctf.zeyu2001.com/2021/metactf-cybergames/look-if-you-had-one-shot.md) - [Custom Blog](https://ctf.zeyu2001.com/2021/metactf-cybergames/custom-blog.md) - [Yummy Vegetables](https://ctf.zeyu2001.com/2021/metactf-cybergames/yummy-vegetables.md) - [Ransomware Patch](https://ctf.zeyu2001.com/2021/metactf-cybergames/ransomware-patch.md) - [I Hate Python](https://ctf.zeyu2001.com/2021/metactf-cybergames/i-hate-python.md) - [Interception](https://ctf.zeyu2001.com/2021/metactf-cybergames/interception.md) - [CyberSecurityRumble CTF](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf.md) - [Lukas App](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf/lukas-app.md) - [Finance Calculat0r 2021](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf/finance-calculat0r-2021.md) - [Personal Encryptor with Nonbreakable Inforation-theoretic Security](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf/personal-encryptor-with-nonbreakable-inforation-theoretic-security.md) - [Enterprice File Sharing](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf/enterprice-file-sharing.md) - [Payback](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf/payback.md) - [Stonks Street Journal](https://ctf.zeyu2001.com/2021/cybersecurityrumble-ctf/stonks-street-journal.md) - [The InfoSecurity Challenge (TISC) 2021](https://ctf.zeyu2001.com/2021/the-infosecurity-challenge-tisc-2021.md): TISC is an online challenge organised by CSIT since 2020. It provides opportunities for interested Singaporeans to put their cybersecurity and programming skills to the test by solving challenging puz - [Level 4 - The Magician's Den](https://ctf.zeyu2001.com/2021/the-infosecurity-challenge-tisc-2021/level-4-the-magicians-den.md) - [Level 3 - Needle in a Greystack](https://ctf.zeyu2001.com/2021/the-infosecurity-challenge-tisc-2021/level-3-needle-in-a-greystack.md) - [Level 2 - Dee Na Saw as a need](https://ctf.zeyu2001.com/2021/the-infosecurity-challenge-tisc-2021/level-2-dee-na-saw-as-a-need.md) - [Level 1 - Scratching the Surface](https://ctf.zeyu2001.com/2021/the-infosecurity-challenge-tisc-2021/level-1-scratching-the-surface.md) - [SPbCTF's Student CTF Quals](https://ctf.zeyu2001.com/2021/spbctfs-student-ctf-quals.md): Student CTF is a novice-level Capture The Flag organized by SPbCTF and supported by St. Petersburg Committee for Science and Higher Education. - [31 Line PHP](https://ctf.zeyu2001.com/2021/spbctfs-student-ctf-quals/31-line-php.md) - [BLT](https://ctf.zeyu2001.com/2021/spbctfs-student-ctf-quals/blt.md) - [CatStep](https://ctf.zeyu2001.com/2021/spbctfs-student-ctf-quals/catstep.md) - [Asian Cyber Security Challenge (ACSC) 2021](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021.md): The ACSC is the regional final of the International Cybersecurity Challenge (ICC) — a global CTF competition, supported by the European Union Agency for Cybersecurity (ENISA). - [Cowsay As A Service](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/cowsay-as-a-service.md): Prototype pollution leads to RCE - [Favorite Emojis](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/favorite-emojis.md): Prerender dynamic rendering leads to SSRF - [Baby Developer](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/baby-developer.md): Directory traversal in insecure Vitepress development server leads to information disclosure through SSRF - [API](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/api.md): Logic error in user authentication - [RSA Stream](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/rsa-stream.md): RSA common modulus attack - [Filtered](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/filtered.md): Buffer overflow with a flawed length check - [NYONG Coin](https://ctf.zeyu2001.com/2021/asian-cyber-security-challenge-acsc-2021/nyong-coin.md): EnCase forensics - [CSAW CTF Qualification Round 2021](https://ctf.zeyu2001.com/2021/csaw-ctf-qualification-round-2021.md): Hosted by members of NYU Tandon School of Engineering’s OSIRIS Lab - [Save the Tristate](https://ctf.zeyu2001.com/2021/csaw-ctf-qualification-round-2021/save-the-tristate.md): Quantum Key Distribution (QKD) - [securinotes](https://ctf.zeyu2001.com/2021/csaw-ctf-qualification-round-2021/securinotes.md): Meteor NoSQL Injection - [no pass needed](https://ctf.zeyu2001.com/2021/csaw-ctf-qualification-round-2021/no-pass-needed.md): Filtered SQL injection - [Gatekeeping](https://ctf.zeyu2001.com/2021/csaw-ctf-qualification-round-2021/gatekeeping.md): Bypassing Nginx directive through manipulating Gunicorn WSGI variables - [Ninja](https://ctf.zeyu2001.com/2021/csaw-ctf-qualification-round-2021/ninja.md): Flask Server-Side Template Injection (SSTI) - [YauzaCTF 2021](https://ctf.zeyu2001.com/2021/yauzactf-2021.md): Hosted by SFT0 from BMSTU - [Yauzacraft Pt. 2](https://ctf.zeyu2001.com/2021/yauzactf-2021/yauzacraft-pt.-2.md): Unrestricted file upload leads to PHP webshell - [Yauzabomber](https://ctf.zeyu2001.com/2021/yauzactf-2021/yauzabomber.md): Server-Side Template Injection (SSTI) in SMS template - [RISC 8bit CPU](https://ctf.zeyu2001.com/2021/yauzactf-2021/risc-8bit-cpu.md): Writing an emulator / disassembler - [ARC6969 Pt. 1](https://ctf.zeyu2001.com/2021/yauzactf-2021/arc6969-pt.-1.md): Writing an emulator / disassembler - [ARC6969 Pt. 2](https://ctf.zeyu2001.com/2021/yauzactf-2021/arc6969-pt.-2.md): Writing an emulator / disassembler - [Back in 1986 - User](https://ctf.zeyu2001.com/2021/yauzactf-2021/back-in-1986-user.md): Morris Worm - fingerd Stack Buffer Overflow and Cron Job misconfiguration - [Lorem-Ipsum](https://ctf.zeyu2001.com/2021/yauzactf-2021/lorem-ipsum.md): Zero-Width Space (ZWSP) Stegonography - [InCTF 2021](https://ctf.zeyu2001.com/2021/inctf-2021.md): The fifth international edition of InCTF, hosted by team bi0s - [Notepad 1 - Snakehole's Secret](https://ctf.zeyu2001.com/2021/inctf-2021/notepad-1-snakeholes-secret.md): Stored XSS and Response Header Injection Leads to CSRF - [RaaS](https://ctf.zeyu2001.com/2021/inctf-2021/raas.md): SSRF using Gopher protocol leads to tampering of Redis key-value store - [MD Notes](https://ctf.zeyu2001.com/2021/inctf-2021/md-notes.md): postMessage information disclosure leads to stored XSS - [Shell Boi](https://ctf.zeyu2001.com/2021/inctf-2021/shell-boi.md): Unencrypted remote shell leads to TCP session hijacking and RCE through man-in-the-middle (MITM) attack - [Listen](https://ctf.zeyu2001.com/2021/inctf-2021/listen.md): Basic packet sniffing and analysis - [Ermittlung](https://ctf.zeyu2001.com/2021/inctf-2021/ermittlung.md): Basic memory forensics - [Alpha Pie](https://ctf.zeyu2001.com/2021/inctf-2021/alpha-pie.md): Breadth-first Search algorithm for a fun programming task - [UIUCTF 2021](https://ctf.zeyu2001.com/2021/uiuctf-2021.md): UIUCTF is an annual Capture the Flag competition run by undergraduate students at the University of Illinois at Urbana-Champaign (UIUC). - [pwnies\_please](https://ctf.zeyu2001.com/2021/uiuctf-2021/pwnies_please.md): Adversarial attack on an image classifier using the Fast Gradient Sign Method (FGSM) - [yana](https://ctf.zeyu2001.com/2021/uiuctf-2021/yana.md): GitHub Pages subdomain takeover and cache probing XS-Leak - [ponydb](https://ctf.zeyu2001.com/2021/uiuctf-2021/ponydb.md): SQL injection and truncation attack - [SUPER](https://ctf.zeyu2001.com/2021/uiuctf-2021/super.md): Decoding an XOR-encoded file gives us an MS-DOS VHD - [Q-Rious Transmissions](https://ctf.zeyu2001.com/2021/uiuctf-2021/q-rious-transmissions.md): Superdense coding quantum communication protocol - [capture the :flag:](https://ctf.zeyu2001.com/2021/uiuctf-2021/capture-the-flag.md): LSB steganography - [back\_to\_basics](https://ctf.zeyu2001.com/2021/uiuctf-2021/back_to_basics.md): Simple beginner challenge about base-n encodings - [buy\_buy\_buy](https://ctf.zeyu2001.com/2021/uiuctf-2021/buy_buy_buy.md): A Discord marketplace! - [Google CTF 2021](https://ctf.zeyu2001.com/2021/google-ctf-2021.md): Annual Capture The Flag hosted by the Google Security Team. - [CPP](https://ctf.zeyu2001.com/2021/google-ctf-2021/cpp.md): We have this program's source code, but it uses a strange DRM solution. Can you crack it? - [Filestore](https://ctf.zeyu2001.com/2021/google-ctf-2021/filestore.md): We stored our flag on this platform, but forgot to save the id. Can you help us restore it? - [TyphoonCon CTF 2021](https://ctf.zeyu2001.com/2021/typhooncon-ctf-2021.md): Hosted by SSD Secure Disclosure - [Clubmouse](https://ctf.zeyu2001.com/2021/typhooncon-ctf-2021/clubmouse.md) - [Impasse](https://ctf.zeyu2001.com/2021/typhooncon-ctf-2021/impasse.md) - [DSTA BrainHack CDDC21](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21.md) - [File It Away (Pwn)](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21/file-it-away-pwn.md) - [Linux Rules the World! (Linux)](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21/linux-rules-the-world-linux.md) - [Going Active (Reconnaissance)](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21/going-active-reconnaissance.md) - [Behind the Mask (Windows)](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21/behind-the-mask-windows.md) - [Web Takedown Episode 2 (Web)](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21/web-takedown-episode-2-web.md) - [Break it Down (Crypto)](https://ctf.zeyu2001.com/2021/dsta-brainhack-cddc21/break-it-down-crypto.md) - [BCACTF 2.0](https://ctf.zeyu2001.com/2021/bcactf-2.0.md): I didn't have much time to play this one, but the challenges that I did try were definitely fun! - [L10N Poll](https://ctf.zeyu2001.com/2021/bcactf-2.0/l10n-poll.md): jsonwebtoken authentication bypass vulnerability. - [Challenge Checker](https://ctf.zeyu2001.com/2021/bcactf-2.0/challenge-checker.md): PyYAML deserialisation vulnerability (CVE-2020-14343). - [Discrete Mathematics](https://ctf.zeyu2001.com/2021/bcactf-2.0/discrete-mathematics.md): Buffer overflow, with a ROP chain. - [Advanced Math Analysis](https://ctf.zeyu2001.com/2021/bcactf-2.0/advanced-math-analysis.md): Buffer overflow, with a strcmp() check. - [Math Analysis](https://ctf.zeyu2001.com/2021/bcactf-2.0/math-analysis.md): Classic buffer overflow. - [American Literature](https://ctf.zeyu2001.com/2021/bcactf-2.0/american-literature.md): Format string vulnerability. - [More Than Meets the Eye](https://ctf.zeyu2001.com/2021/bcactf-2.0/more-than-meets-the-eye.md): Zero-width space (ZWSP) - [􃗁􌲔􇺟􊸉􁫞􄺷􄧻􃄏􊸉](https://ctf.zeyu2001.com/2021/bcactf-2.0/undefined.md): Unicode substitution cipher. - [Zh3ro CTF V2](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2.md): Web and Crypto challenges from Zh3r0 CTF V2 hosted from 4 June - 6 June 2021! - [Chaos](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/chaos.md): Collisions in the chaotic hash function. - [Twist and Shout](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/twist-and-shout.md): Recovering the internal state of Python's Mersenne Twister PRNG. - [1n\_jection](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/1n_jection.md) - [alice\_bob\_dave](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/alice_bob_dave.md): Common factor in RSA modulus. - [Baby SSRF](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/baby-ssrf.md): SSRF blacklist bypass enabled internal port scan and access to hidden endpoints. - [bxxs](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/bxxs.md): XSS leads to information leakage of hidden endpoint and authentication bypass. - [Sparta](https://ctf.zeyu2001.com/2021/zh3ro-ctf-v2/sparta.md): node.js deserialization vulnerability leads to RCE. - [Pwn2Win CTF 2021](https://ctf.zeyu2001.com/2021/pwn2win-ctf-2021.md): As one of the DEFCON pre-qualifiers, this was definitely a challenging CTF. The challenges were high-quality, and felt extremely realistic. - [C'mon See My Vulns](https://ctf.zeyu2001.com/2021/pwn2win-ctf-2021/cmon-see-my-vulns.md): PHP eval(), LD\_PRELOAD RCE - [Illusion](https://ctf.zeyu2001.com/2021/pwn2win-ctf-2021/illusion.md): JavaScript Prototype Injection - [NorzhCTF 2021](https://ctf.zeyu2001.com/2021/norzhctf-2021.md): This was my first time doing a Hack Quest CTF. The challenges were quite fun, especially because they are more realistic than most CTF challenges. - [Leet Computer](https://ctf.zeyu2001.com/2021/norzhctf-2021/leet-computer.md): Pentesting, Ghidra JDWP RCE, Sudo Misconfiguration, NSE Scripting - [Secure Auth v0](https://ctf.zeyu2001.com/2021/norzhctf-2021/secure-auth-v0.md): Reverse Engineering - [Triskel 3: Dead End](https://ctf.zeyu2001.com/2021/norzhctf-2021/triskel-3-dead-end.md): Werkzeug Debugger Console RCE - [Triskel 2: Going In](https://ctf.zeyu2001.com/2021/norzhctf-2021/triskel-2-going-in.md): SQL Injection - [Triskel 1: First Contact](https://ctf.zeyu2001.com/2021/norzhctf-2021/triskel-1-first-contact.md): Server-side Request Forgery (SSRF) - [Discovery](https://ctf.zeyu2001.com/2021/norzhctf-2021/discovery.md) - [DawgCTF 2021](https://ctf.zeyu2001.com/2021/dawgctf-2021.md): Hosted by the UMBC CyberDawgs. - [Bofit](https://ctf.zeyu2001.com/2021/dawgctf-2021/bofit.md): Buffer overflow - [Jellyspotters](https://ctf.zeyu2001.com/2021/dawgctf-2021/jellyspotters.md): Python pickle deserialisation - [No Step On Snek](https://ctf.zeyu2001.com/2021/dawgctf-2021/no-step-on-snek.md): Python input() vulnerability - [Back to the Lab 2](https://ctf.zeyu2001.com/2021/dawgctf-2021/back-to-the-lab-2.md): LabVIEW - [MDL Considered Harmful](https://ctf.zeyu2001.com/2021/dawgctf-2021/mdl-considered-harmful.md): ImageMagick CVE-2016-3717 - [Really Secure Algorithm](https://ctf.zeyu2001.com/2021/dawgctf-2021/really-secure-algorithm.md): Wiener's attack on RSA - [The Obligatory RSA Challenge](https://ctf.zeyu2001.com/2021/dawgctf-2021/the-obligatory-rsa-challenge.md): RSA with factorable n - [Trash Chain](https://ctf.zeyu2001.com/2021/dawgctf-2021/trash-chain.md): Reverse engineering a hash function - [What the Flip?!](https://ctf.zeyu2001.com/2021/dawgctf-2021/what-the-flip.md): AES CBC Byte Flipping Attack - [Back to the Lab 1](https://ctf.zeyu2001.com/2021/dawgctf-2021/back-to-the-lab-1.md): LabVIEW - [Back to the Lab 3](https://ctf.zeyu2001.com/2021/dawgctf-2021/back-to-the-lab-3.md): LabVIEW - [Dr. Hrabowski's Great Adventure](https://ctf.zeyu2001.com/2021/dawgctf-2021/dr.-hrabowskis-great-adventure.md): SQL Injection - [Just a Comment](https://ctf.zeyu2001.com/2021/dawgctf-2021/just-a-comment.md): Wireshark - [Baby's First Modulation](https://ctf.zeyu2001.com/2021/dawgctf-2021/babys-first-modulation.md): GNURadio - [Two Truths and a Fib](https://ctf.zeyu2001.com/2021/dawgctf-2021/two-truths-and-a-fib.md): Programming - [UMDCTF 2021](https://ctf.zeyu2001.com/2021/umdctf-2021.md): What a fun CTF! Cheers to my team, Social Engineering Xperts for placing 8th overall. - [Advantageous Adventures](https://ctf.zeyu2001.com/2021/umdctf-2021/advantageous-adventures.md) - [Roy's Randomness](https://ctf.zeyu2001.com/2021/umdctf-2021/roys-randomness.md) - [Whose Base Is It Anyway](https://ctf.zeyu2001.com/2021/umdctf-2021/whose-base-is-it-anyway.md) - [Cards Galore](https://ctf.zeyu2001.com/2021/umdctf-2021/cards-galore.md) - [Pretty Dumb File](https://ctf.zeyu2001.com/2021/umdctf-2021/pretty-dumb-file.md) - [Minetest](https://ctf.zeyu2001.com/2021/umdctf-2021/minetest.md) - [Donnie Docker](https://ctf.zeyu2001.com/2021/umdctf-2021/donnie-docker.md) - [Subway](https://ctf.zeyu2001.com/2021/umdctf-2021/subway.md) - [Jump Not Easy](https://ctf.zeyu2001.com/2021/umdctf-2021/jump-not-easy.md) - [To Be XOR Not To Be](https://ctf.zeyu2001.com/2021/umdctf-2021/to-be-xor-not-to-be.md) - [Office Secrets](https://ctf.zeyu2001.com/2021/umdctf-2021/office-secrets.md) - [L33t M4th](https://ctf.zeyu2001.com/2021/umdctf-2021/l33t-m4th.md) - [Bomb 2 - Mix Up](https://ctf.zeyu2001.com/2021/umdctf-2021/bomb-2-mix-up.md) - [Jay](https://ctf.zeyu2001.com/2021/umdctf-2021/jay.md) - [Midnight Sun CTF 2021](https://ctf.zeyu2001.com/2021/midnight-sun-ctf.md) - [Corporate MFA](https://ctf.zeyu2001.com/2021/midnight-sun-ctf/corporate-mfa.md): PHP object injection (deserialization vulnerability) - [Gurkburk](https://ctf.zeyu2001.com/2021/midnight-sun-ctf/gurkburk.md): Python pickle deserialization vulnerability - [Backups](https://ctf.zeyu2001.com/2021/midnight-sun-ctf/backups.md): RSA factordb attack - [picoCTF 2021](https://ctf.zeyu2001.com/2021/picoctf.md): This CTF was a blast! I enjoyed many of the Web Exploitation challenges in particular. Here are some of the more interesting challenges I solved. - [It Is My Birthday (100)](https://ctf.zeyu2001.com/2021/picoctf/it-is-my-birthday-100.md): MD5 collisions - [Super Serial (130)](https://ctf.zeyu2001.com/2021/picoctf/super-serial-130.md): PHP object injection (deserialization vulnerability) - [Most Cookies (150)](https://ctf.zeyu2001.com/2021/picoctf/most-cookies-150.md): Flask client-side sessions, cookie forgery - [Startup Company (180)](https://ctf.zeyu2001.com/2021/picoctf/startup-company-180.md): SQLite injection - [X marks the spot (250)](https://ctf.zeyu2001.com/2021/picoctf/x-marks-the-spot-250.md): Blind XPath injection - [Web Gauntlet (170 + 300)](https://ctf.zeyu2001.com/2021/picoctf/web-gauntlet-170-+-300.md): Filtered SQLite injection - [Easy Peasy (40)](https://ctf.zeyu2001.com/2021/picoctf/easy-peasy-40.md): One-time-pad (OTP) key reuse - [Mini RSA (70)](https://ctf.zeyu2001.com/2021/picoctf/mini-rsa-70.md): RSA with low exponent - [Dachshund Attacks (80)](https://ctf.zeyu2001.com/2021/picoctf/dachshund-attacks-80.md): Wiener's attack - [No Padding, No Problem (90)](https://ctf.zeyu2001.com/2021/picoctf/no-padding-no-problem-90.md): RSA chosen-ciphertext attack (CCA) - [Trivial Flag Transfer Protocol (90)](https://ctf.zeyu2001.com/2021/picoctf/trivial-flag-transfer-protocol-90.md): Wireshark + steganography - [Wireshark twoo twooo two twoo... (100)](https://ctf.zeyu2001.com/2021/picoctf/wireshark-twoo-twooo-two-twoo...-100.md): DNS exfiltration - [Disk, Disk, Sleuth! (110 + 130)](https://ctf.zeyu2001.com/2021/picoctf/disk-disk-sleuth-110-+-130.md): Disk image analysis - [Stonks (20)](https://ctf.zeyu2001.com/2021/picoctf/stonks-20.md): Format string vulnerability - [DSO-NUS CTF 2021](https://ctf.zeyu2001.com/2021/dso-nus-ctf.md) - [Insecure (100)](https://ctf.zeyu2001.com/2021/dso-nus-ctf/insecure-100.md): Privilege escalation through SUID files and PATH variable manipulation - [Easy SQL (200)](https://ctf.zeyu2001.com/2021/dso-nus-ctf/easy-sql-200.md): Filtered MariaDB injection, stacked queries --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ctf.zeyu2001.com/2021.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.