ctf-challenges

Various CTF (capture the flag) security challenges that I've created

Name	CTF	Category	Description	Year	Writeup
uploaders-revenge	CSAW CTF 2023 Finals	web	Firefox CSP bypass via controlled mimetype	2023	TODO
webhooktester	CSAW CTF 2023 Finals	web	SSRF filter bypassing + Caddy SSRF -> RCE	2023	TODO
rainbow-notes	CSAW CTF 2023	web	DOM clobbering + STTF XS-leak	2023	Writeup
pwnykey	UIUCTF 2023	rev	reversing custom obfuscation of DeviceScript bytecode	2023	Writeup
geminiblog	DiceCTF 2023	misc	bash bugs + SNI injection	2023	Writeup
impossible-xss	DiceCTF 2023	web	XXE in Chrome XSLT	2023	Writeup
jnotes	DiceCTF 2023	web	cookie smuggling / Jetty 0day	2023	Writeup, Writeup
spoink	UIUCTF 2022	web	Pebble Spring SSTI 0day	2022	Writeup (CN), Writeup (JP)
woeby	UIUCTF 2022	web	CSRF+SQLi in OSS search engine	2022	Writeup (CN)
precisionism	UIUCTF 2022	web	harder prefix injection to bypass CORB	2022	Writeup
modernism	UIUCTF 2022	web	prefix injection to bypass CORB	2022	Writeup (CN)
shadow	DiceCTF 2022	web	exfiltration from shadow DOM	2022	Writeup
uploader	N/A	web	fileupload XSS bypassing CSP and mimetype filter	2021	TODO
pwnyIDE	UIUCTF 2021	web	chrome 0day (header length bypass) + cross protocol scripting + 2 node-ftpd 0days (race condition, multiple command smuggling)	2021	Writeup
yana	UIUCTF 2021	web	cache probing xs-leak + cache partitioning bypass	2021	Writeup
essveegee	UIUCTF 2021	web	SVG LFI + file:// directory brute forcing without JS	2021	Writeup (JP)
phpfuck	UIUCTF 2021	jail	PHP RCE in 5 unique chars	2021	Writeup
deserializeme	UIUCTF 2020	misc	PyYAML 0day	2020	Writeup
nookcrypt	UIUCTF 2020	crypto	ECC fault attack	2020	Writeup
fumblr	EasyCTF IV	web	CSRF + CSP bypass	2018	Writeup
Fanfic Studio	EasyCTF IV	pwn	intro heap exploitation	2018	Writeup
qset 1,2,3	ABCTF 2017	ppc	write code in an esolang i made	2017	Writeup
library	EasyCTF 2017	ppc	combinatorics fun	2017	Writeup (CN)
Little Crypto Gambler	ctf(x)	crypto	crack generated LCGs	2016	Writeup
customauth	ctf(x)	crypto/web	ECB ciphertext manipulation	2016	Writeup