My CTF Challenges

A collection of CTF challenges I created for various competitions.

Year	CTF	Challenge	Category	Solves	Docker	Description
2025	0CTF	springduck	Web	8	✅	DuckDB SSRF -> Spring Acutator
2024	0CTF	kubevirt	Web/Cloud	2	❌	KubeVirt virtual machine escape on Kubernetes
2023	0CTF/TCTF	olapinfra	Web	10	✅	ClickHouse JDBC bridge RCE + Hive UDF via HDFS
2022	0CTF/TCTF	jabasass	Web	2	✅	H2C smuggling + GraalVM sandbox escape + Wildfly management API + H2 JDBC attack
2022	RCTF	prettieronline	Web	-	✅	Prettier custom parser RCE via YAML/JS polyglot
2021	0CTF/TCTF	soracon	Web	-	✅	PHP ext-solr unserialize injection + Phalcon gadget chain
2021	RCTF	hiphop	Web	7	❌	HHVM debugger protocol exploitation via gopher SSRF
2020	0CTF/TCTF	amp2020	Web	3	✅	AMP XSS + CouchDB SSRF + axios parameter injection
2020	RCTF	bean	Web	5	✅	Beancount plugin code injection
2020	RCTF	swoole	Web	1	✅	Swoole PHP deserialization + Rouge MySQL Server
2019	0CTF/TCTF	114514calcalcalc	Web	-	❌	calcalcalc variant (see calcalcalc family)
2019	De1CTF	9-calc	Web	-	❌	calcalcalc variant (see calcalcalc family)
2019	RCTF	calcalcalc	Web	-	❌	Multi-language calculator exploitation (see calcalcalc family)
2019	RCTF	disk	Misc	-	❌	VeraCrypt hidden volume forensics
2019	RCTF	draw	Misc	-	❌	Logo programming language
2019	RCTF	jail & password	Web	-	❌	CSP bypass via Service Worker & WebRTC, chromeipass credential stealing
2019	RCTF	nextphp	Web	-	❌	PHP 7.4 FFI + Preloading + custom serialization
2019	RCTF	sourceguardian	RE	-	❌	SourceGuardian PHP encoder cracking via VLD
2018	RCTF	amp	Web	22	❌	Google AMP XSS via <amp-pixel> CLIENT_ID substitution
2018	RCTF	compiler & backdoor	Misc/RE/Web	15/14	❌	Backdoored glibc & bash in custom Arch Linux ISO
2018	RCTF	git	Misc	363	❌	Recover deleted commit via git rebase
2018	RCTF	no-js	Web/RE	7	❌	ClojureScript reverse engineering
2018	RCTF	retter	Web	4	❌	React SSR XSS + reading component state
2018	RCTF	sign	Misc	252	❌	Wine ELF executable disguised as Windows PE