CyberGame 2026 – Flappy Challenge Writeup

This challenge presents a seemingly innocent Flappy Bird browser game, compiled from Rust to WebAssembly. Beneath the nostalgic gameplay lies a fully functional credential-stealing phishing kit. After a "Game Over" event, the game prompts the user with a pixel-perfect fake Google OAuth sign-in dialog, claiming to "save your score to the leaderboard." Any credentials entered are silently XOR-encrypted using a key fetched from a…

https://kore.one/cybergame-2026-flappy-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

Break The Syntax CTF 2026 – bugxxor Challenge Writeup

bugxxor is a small Django (4.2) bug-tracking style web application served behind gunicorn in a Kubernetes pod. Authenticated users can register, log in, write "bug reports" (posts) and view a feed. A protected endpoint /flag/ reveals the flag, but it is locked behind is_superuser. The interesting feature — and the source of the vulnerability — is that posts are not just stored and rendered as plain text: the post…

https://kore.one/break-the-syntax-ctf-2026-bugxxor-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

CyberGame 2026 – safeps2 Challenge Writeup

This challenge presents a hardened PowerShell sandbox environment called "SAFEPSv2". Players are given access to a restricted PowerShell shell that implements multiple layers of input filtering and command restrictions. The goal is to bypass these security measures and extract the flag stored in a PowerShell variable $FLAG. The challenge is a continuation of a previous "JailPS" challenge safeps, with significantly enhanced…

https://kore.one/cybergame-2026-safeps2-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

CyberGame 2026 – safeps Challenge Writeup

This challenge presents a PowerShell Jail Escape scenario, a common category in CTF competitions where participants must break out of a restricted shell environment. The challenge implements a "safe" PowerShell interpreter that attempts to limit user commands to a predefined whitelist while blocking dangerous cmdlets and constructs through blacklist filtering. PowerShell jail escapes typically exploit one or more of the…

https://kore.one/cybergame-2026-safeps-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

Break The Syntax CTF 2026 – SeaShells Challenge Writeup

SeaShells is a multi-stage web exploitation challenge that chains together a modern framework vulnerability with classic Linux privilege escalation techniques. The target is a Next.js (App Router) web application running on a remote Kubernetes-hosted server, reachable via an SSH tunnel. The intended attack path consists of three distinct phases: Initial foothold — Exploit a critical deserialization vulnerability…

https://kore.one/break-the-syntax-ctf-2026-seashells-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

Break The Syntax CTF 2026 – zabbix Challenge Writeup

The challenge mimics a real-world social-engineering / phishing scenario after a database leak. An "intern" politely shares the SHA-256 hash of the user's existing password and asks them to set a new, different one. The catch is purely operational: the player is the attacker — there is no need to "change" anything. The hash itself is the entry ticket into the application.

https://kore.one/break-the-syntax-ctf-2026-zabbix-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

Break The Syntax CTF 2026 – cart-blanche Challenge Writeup

cart-blanche is a black-box web challenge: there are no source files provided in the workspace. The only artifact is a live WordPress instance running WooCommerce, reachable at The site presents itself as a small webshop with a corporate blog. The blog posts are not just decoration — they are an in-character "architecture retrospective" written by a fictional developer (

https://kore.one/break-the-syntax-ctf-2026-cart-blanche-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

Break The Syntax CTF 2026 – far Challenge Writeup

far is a PHP web application that simulates a small SaaS-style "archive storage / billing" panel. Authenticated users can manage clients, manage their own profile (including an avatar upload), and export a PDF revenue report. The PDF is generated server-side using the third-party library mpdf/mpdf, version 8.2.6. The flag is stored at /flag.txt inside the container as a normal text file (

https://kore.one/break-the-syntax-ctf-2026-far-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social