ctf

TCP1PCTF was organized by Indonesian and it was opened to anyone. The challenge is solely focus on exploiting deserialization vulnerability and how to chain the gadget to get code execution.

TCP1PCTF was organized by Indonesian and it was opened to anyone. For this challenge specifically, it was really good. I do need to read the source code as well as chaining multiple vulnerabilities such as SQL Injection, SSRF and Insecure Deserialization to get RCE.

This is a web challenge related to TOTP and some bruteforce operation.

This is a boot2root challenge, related to basic OS injection, some real world related account takeover and basic privilages escalation.