BroncoCTF 2026 beginner + forensics + misc writeup — six challenges solved covering an A/H binary-encoded file that decodes to more laughter, a silent nc service with a 76-byte buffer and a one-byte overflow into an adjacent gate variable, an OSINT photo of The Coffee Mill in Oakland with the pizza shop found via odd/even street numbering, a Krita resource bundle whose brush preset PNG carries a zTXt chunk with a kis_text_brush element hiding the flag, two files with a one-line insertion that misaligns a naive diff and hides the payload among case-flip decoys, and a 1251-layer archive stack cycling gzip / tar / bzip2 / 7z / zip whose per-layer 7z password is leaked by content-only encryption keeping filenames in the plaintext header

BroncoCTF 2026 Beginner + Forensics + Misc Writeup: 6 Solved

BroncoCTF 2026 (bronco flag prefix, hosted by Cal Poly Pomona’s Cyber Security Club) rounds out its harder pwn/reverse/web/crypto tracks with three softer categories designed to teach one habit each. Beginner (three challenges) drills on the first-thirty-seconds reflexes: run file(1) before trusting the extension, notice when a file uses exactly two distinct symbols, sweep payload size against a silent nc service until you find the step function. Forensics (one challenge) walks a five-layer format staircase (Krita .bundle → .kpp (PNG) → zTXt chunk → zlib → XML → CDATA-wrapped XML → attribute) where every layer is a well-known standard on its own; the difficulty is only recognising they’re stacked. Misc (two challenges) hides its payload behind a decoy: Spot The Difference uses a one-line insertion to misalign a naive line-by-line diff and case-flips as a Baconian red herring, while Zip, Zip, Hooray! wraps a flag in 1,251 recursive compression layers whose per-layer 7z password is given away by content-only encryption leaving filenames in the plaintext header. ...

July 16, 2026 · 26 min · 5482 words · CyberSecurity Elite Team
BroncoCTF 2026 web + crypto writeup — six challenges solved covering a SQLite LIKE injection where the app leaks its own query tail via a quote reflection and its naive keyword stripper turns ORDER into DER but the payload uses the app's own is_secret column against it, a robots.txt that both disallows a leftover /security dev page revealing password = reverse(username) and carries a base64 comment decoding to the user list with only admin:nimda returning the flag, an /api/config endpoint exposing plaintext credentials for a client-side password compare paired with a /login endpoint that blindly trusts a client-supplied authenticated:true POST body, a 500-derivative calculus gate implemented as pure CSS filter:blur(20px) with the sharp PNG fetched unconditionally from an internal endpoint, a MD5-hex-digest command dispatcher with an uppercase show trap and a program feature that lets a 128-byte MD5 collision block register as a program name so its sibling collision block matches by hash but not by string and falls through to the flag branch, and an XOR one-time pad whose key bytes are drawn only from a 64-character alphabet so every ciphertext byte becomes a per-position membership test that collapses to one candidate after 127 samples

BroncoCTF 2026 Web + Crypto Writeup: 6 Challenges Solved

BroncoCTF 2026 (bronco flag prefix, hosted by Cal Poly Pomona’s Cyber Security Club) shipped a web track built entirely around one lesson repeated four different ways: client-side checks are not access control. Forbidden Archives blows past a naive keyword-stripping WAF by using the app’s own is_secret column against it. Lovely Login puts the entire authentication story in robots.txt (a disallowed /security page + a base64 user list in a comment). Super Secure Server exposes plaintext credentials at /api/config for a client-side compare, and separately its /login endpoint blindly trusts a client-supplied {"authenticated": true} JSON body. Unblur Me implements a “solve 500 derivatives to unlock the image” gate as pure CSS filter: blur(20px) on an <img> that already has the sharp bytes. The crypto track pairs a repeat-encrypt XOR OTP whose 64-character key alphabet leaks structure into every sample (Probably Unbreakable) with a command dispatcher whose MD5-hash-vs-string mismatch inside a program recursion turns a classic 128-byte collision pair into an unlock primitive (Blorg Multiplier). ...

July 16, 2026 · 28 min · 5954 words · CyberSecurity Elite Team
BroncoCTF 2026 pwn + reverse writeup — seven challenges solved covering a seccomp-restricted service allowing only open/read/write solved with a 50-byte x86_64 ORW shellcode, a four-gate gets() overflow chain with an adjacent baby_chicken decoy and an exact 13371337 integer gate ending in a 6776-byte ret2win at win+5 for stack alignment, a Roblox .rbxl binary place file with a Lua sandbox whose read() blocks TypeTag=0 entries but whose write() can mutate the TypeTag with a client-side banned-word filter bypassed via string.char, a 5-day cat simulator game with mood-seeded FNV-mix XOR decrypt past a bonco{almost_there} decoy, valid C++ with song titles substituted for every syntactic token, an ARM64 Mach-O dog simulator with a 6-day rhythm state machine and a Z3-recovered FNV-1a preimage plus a gremlin second speak matching the day-6 owner line, and a Python script XOR-decrypting a hard-coded blob using a SHA-256 of a 300-char slice of its own source

BroncoCTF 2026 Pwn + Reverse Writeup: 7 Challenges Solved

BroncoCTF 2026 (bronco flag prefix, hosted by Cal Poly Pomona’s Cyber Security Club) shipped a pwn track that scales cleanly from “shellcode with one twist” to “server-side Lua sandbox inside a Roblox place file,” and a reverse track that ranges from beginner-friendly Python and C++ up to an ARM64 Mach-O game with a hidden rhythm state machine. What makes the seven challenges in this writeup work together is that every single one telegraphs what it wants: the seccomp banner enumerates the allowed syscalls, the C source is shipped inside the pwn zip so the author’s hardening flags are visible, the Roblox script names include the string SecureDeh9001Server, the fake flag in Cat Simulator uses the prefix bonco{...} on purpose so it’s obviously not right, C++ Unplugged prints The flag is before its output, Dog Simulator’s owner lines say things like “Last day of the week, little gremlin” that map directly to speak-input requirements, and Mirror Mirror embeds the marker string MIRROR_SURFACE_DO_NOT_SCRATCH as its own pivot label. Trained triage means reading those signals as instructions, not decoration. ...

July 16, 2026 · 35 min · 7372 words · CyberSecurity Elite Team
Junior.Crypt 2026 forensic + misc + OSINT writeup — eight challenges solved covering a WinZip-AES phishing corpus filtered by the Portuguese Fatura Emitida subject template, a Cyrillic acrostic ГИТЛОГ hint pointing at git log first-byte SHA-1 abbreviations, MIDI pitch-wheel +2304/-2304 pair steganography over a Tokyo Ghoul theme, SVG glyph paths referenced only through clip-path so they never reach the raster, DOCX customXml/item1.xml carrying a fake revisionLog whose per-step inserted chunks replay the flag, model.pkl calling payload.install_supply_chain_probe with a LedgerModel.infer backdoor triggered by a four-word history hash, Grodno fire watchtower mural identification, and Belarusian Higher League broadcast clock reading

Junior.Crypt 2026 Forensic + Misc + OSINT Writeup: 8 Solved

Junior.Crypt 2026 (grodno flag prefix) rounded out its web, crypto, pwn, and reverse tracks with three softer categories that are still surprisingly rich: forensic (two challenges), misc (four), and OSINT (two). None of them require heavy tooling: every solve in this writeup is either a stdlib Python script, a browser render of an extracted SVG fragment, an unzip -l size disparity, or a bilingual Yandex reverse-image query. What the eight challenges do share is a pattern-recognition discipline that a defender’s eye can be trained on: password-protected malware zips (Infected password → live samples), first-byte-of-SHA-1 covert channels in git log, pitch-wheel event pairs as a MIDI bit channel, clip-path references that consume glyph geometry without painting it, customXml/item1.xml outweighing document.xml in a near-empty DOCX, .pyc shipped next to a .pkl that hands the loader RCE, and OSINT chains that lean on Russian-language search over English for post-Soviet targets. ...

July 15, 2026 · 33 min · 6986 words · CyberSecurity Elite Team
Junior.Crypt 2026 web + crypto writeup — seven challenges solved covering newline-based shell command injection through a first-line-only validator, HS256 JWT with a wordlist-cracked butterfly secret, timestamp-seeded RSA key generation with 604800 candidates, offline Vaudenay CBC padding-oracle replay from a timing trace, Franklin-Reiter with e=3 and a known affine relation, LCG with 20-bit truncated seed, and many-time pad recovered by multiset match against a fixed template

Junior.Crypt 2026 Web + Crypto Writeup: 7 Challenges Solved

Junior.Crypt 2026 (grodno flag prefix) shipped a web track with two well-designed misuse challenges and a crypto track built almost entirely around a single Portal / Aperture Science theme where every flag payload spells out its own vulnerability class in leetspeak: “still alive but GLaDOS keeps rewriting messages” is Franklin-Reiter over e = 3; “this was a triumph but the seed was too small” is a 20-bit truncated LCG; “companion cube this is strictly a many-time pad” is a template-driven multiset-match recovery; “neurotoxin diagnostics leak through timing alone” is an offline Vaudenay CBC padding-oracle attack replayed from a recorded 98,304-record timing trace. The web track’s Pulse challenge lets you inject a shell command through a validator that only checks the first line of a batch input, while Wrodle ships an HS256 game-state JWT whose secret is butterfly from any modern wordlist. ...

July 15, 2026 · 29 min · 6063 words · CyberSecurity Elite Team
Junior.Crypt 2026 pwn + reverse writeup — four challenges solved covering negative-index array OOB with cookie-encoded function pointers, session-to-sink UAF type confusion with pipelined race and fake vtable, reclassify-without-realloc heap overflow into adjacent exhibit's routine pointer, and a modified TCC compiler that smuggles a hidden C source with a 512-byte VM blob decrypted by an ELF-relocation-derived key

Junior.Crypt 2026 Pwn + Reverse Writeup: 4 Challenges Solved

Junior.Crypt 2026 (grodno flag prefix) shipped a pwn track with three challenges that each turn a small logic mistake into a controlled indirect call: Clockwork Vault gates its “hidden” slots behind a bounds check that forgets to reject negative indexes, and encodes function pointers with a per-process cookie that leaks through the same primitive; House of Mirage recycles expired session chunks into a sink freelist but leaves the session-table pointer dangling, creating a type-confusion window where a mirror import session profile write rebuilds a live sink’s vtable pointer against a fake vtable planted inside the object; Museum of Echoes reclassifies a small 0x50-byte “whisper” as a large 0xb0-byte “chorus” without reallocating, so the “chorus”-shaped rewrite handler writes 0x5f bytes past the end and stomps the next exhibit’s routine pointer. The reverse challenge, Write The “Кодэ”, ships a statically-linked modified TCC compiler that silently injects a hidden 5884-byte C source containing a 512-byte encrypted vm_blob and a relocation_key() function that derives its decryption key from the compiled binary’s ELF .rela.* entries; recovering the VM and inverting its per-byte state machine yields the flag. ...

July 15, 2026 · 26 min · 5337 words · CyberSecurity Elite Team
R3CTF 2026 writeup — five challenges solved covering Microsoft SEAL CKKS delta recovery, MIPS64r6 pointer-authentication defeat via Spectre speculative PAC-gated load, .NET xoshiro256** state recovery via meet-in-the-middle, Lagrange-basis get_num oracle abuse via base-K polynomial decoding, and a multi-stage forensics chain from PyInstaller game to RDP bitmap cache MetaMask recovery

R3CTF 2026 Writeup: 5 Challenges Solved

R3CTF 2026 is run by r3kapig, and the challenges reflect it: the crypto is a Microsoft SEAL CKKS server whose 240-bit modulus and 188-bit noise leak collapse under 95 approximate modular equations plus a baseline-noise filter; the misc is a full MIPS64r6 SoC in Verilog with a pointer-authentication gate that only fails to one committed mistake but bleeds tag bits through a Spectre-style speculative PAC-gated data-load timed against a cache probe; the two web challenges reduce to (a) recovering a shared .NET 8 xoshiro256** state from 160 leaked outputs via a GF(2) meet-in-the-middle over 34-bit slice choices, and (b) turning a Lagrange-interpolating get_num(nums, index) helper into a base-K polynomial decode that yields 128 linear equations in 128 unknown 16-bit secrets in a single oracle call; and the forensics is a five-stage chain from an encrypted beatmap containing marshalled Python bytecode through an hh.exe-dictionary-encoded C2 transcript to an RDP bitmap cache whose reconstructed tiles show a MetaMask recovery phrase on screen. ...

July 15, 2026 · 30 min · 6314 words · CyberSecurity Elite Team
NoHackNoCTF 2026 writeup — five challenges solved covering AES-CTR nonce reuse, ECDSA nonce-prefix HNP via Python Unicode length expansion, whois-to-Redis SSRF into Jinja2 SSTI, Firefox places.sqlite forensics into ext4 unallocated-block carving, and boarding-gate photo OSINT to a single Jetstar Japan flight number

NoHackNoCTF 2026 Writeup: 5 Challenges Solved

NoHackNoCTF 2026 (NHNC) shipped a small but well-engineered set of challenges where every one of the five bugs pivots on a language-level or protocol-level detail that looks benign until it isn’t: AES-CTR reused with a constant nonce collapses into a one-time pad with a reused pad; an ECDSA nonce whose top 384 bits are SHA384(salt || account) becomes the Hidden Number Problem the moment two “distinct” users can be forced to sign under the same account, arranged by exploiting Python’s str.lower() returning a longer string on Turkish İ; /usr/bin/whois is a full TCP client whose -h HOST -p PORT flags turn a domain-lookup box into a Redis SSRF that writes an RDB snapshot into Flask’s template directory for Jinja2 SSTI; Firefox places.sqlite is a narrative artefact that leads through a Proton Drive share to an ext4 image whose unallocated blocks still hold a torn note’s untorn twin and a WZ-AES ZIP; and a single boarding-gate photograph carries enough EXIF, a legible aircraft registration, and enough background scenery to pin down one specific Jetstar Japan flight from Kansai to Taipei on May 5, 2026. ...

July 11, 2026 · 28 min · 5921 words · CyberSecurity Elite Team
LYKNCTF 2026 forensics writeup — four challenges solved covering PNG metadata XOR, red-channel LSB stego, JPEG-as-PNG ZIP append, and TRON USDT OFAC chain trace

LYKNCTF 2026 Forensics Writeup: 4 Challenges Solved

LYKNCTF 2026’s forensics track is small but well-shaped: four challenges that cover the whole spectrum of file-format triage, from PNG chunk parsing and repeating-key XOR through steganographic LSB extraction and polyglot ZIP appending to a real on-chain USDT trace on TRON that ends at an OFAC-sanctioned wallet before landing in a Bitget hot wallet. Each challenge deliberately ships a decoy layer (an EXIF cover story, an IEND trailer with a fake “password hint,” a .png extension that lies about the container format, a suggestive first hop) that looks like the answer if you stop reading too early. ...

July 11, 2026 · 22 min · 4503 words · CyberSecurity Elite Team
LYKNCTF 2026 pwn writeup — three binary exploitation challenges solved covering non-PIE ret2win, signed-integer length bypass with byte truncation, and off-by-one UAF chained into tcache poisoning, arbitrary read/write, and stack RIP overwrite

LYKNCTF 2026 Pwn Writeup: 3 Challenges Solved

LYKNCTF 2026’s pwn track is short but well-graduated: three challenges that climb from a textbook non-PIE ret2win with no canary, through a signed-integer length check that survives negation and byte truncation before it reaches read(), and up to an off-by-one UAF in a note manager that composes into heap-safe-linking leak, unsorted-bin libc leak, glibc 2.39 tcache poisoning, PIE recovery through a stack scan for a .rodata string pointer, notes-table hijack for arbitrary read/write, upper-stack dump, saved-RIP identification, and a system("/bin/sh") ROP chain, all one binary, one exploit run. ...

July 11, 2026 · 22 min · 4493 words · CyberSecurity Elite Team
Educational content for authorized testing only. · Disclaimer · Editorial Policy · Sitemap