Intro It all started when CK asked me if I could create challenges for this year’s HITCON CTF. As a retired CTF player, I initially replied, “Well… maybe? I’ll see what I can come up with, but ther...

Intro Fourchain - Hypervisor is a pwnable challenge created by Billy ( @st424204 ) for HITCON CTF 2022. It serves as the 4th stage of the Fourchain series – a VM Escape challenge which requires ch...

Fourchain is a series of challenges created by me and Billy ( @st424204 ) for HITCON CTF 2022. The series consists of five pwnable challenges – Hole ( V8 pwn ), Sandbox ( Chromium sandbox escaping ...

Another year of Flare-on challenge ! As a guy who’s interetesed in reverse engineering, this is definitely a great chance for me to practice/sharpen my reversing skills ! This year it has 12 challe...

Flare-on challenge is a Reverse-style CTF challenge created by the FireEye FLARE team. The CTF contains lots of interesting, real-world style reversing challenges ( e.g. de-obfucating binary, malwa...

Recently I’ve decided to migrate my blogging framework from Hexo to Jekyll. Here are some notes that I took for recording the migration process. Install Jekyll Here I created a Dockerfile for my...

Chakrazy is a browser CTF challenge created by team PPP for the 2017 PlaidCTF event. It’s a challenge based on Microsoft’s ChakraCore Javascript engine. You can download the challenge file here. ...

So I’ve been playing with the browser exploitation recently, by studying some browser CTF challenges. So far I’ve tried qwn2own, SGX_Browser and feuerfuchs. qwn2own and SGX_Browser are both grea...

Category: Pwnable 64 bit ELF with PIE, NX, FULL RELRO enabled The program will read a secret string from “secret.txt” and store the string address on stack. Then it will use seccomp to create a...

Category: Pwnable Both binaries are 64 bit ELF, No RELRO, No canary, PIE & NX enabled. Brainfuck1 The program is a simple brainfuck language interpreter: it read input ( brainfuck code ), ...