CTF Archives

PicoCTF

Showing 4 writeups from this competition.

PicoCTFApr 14, 2025

Hash Only 2 — PicoCTF 2025

Writeup for the Pwn challenge Hash Only 2 from PicoCTF 2025. Escaping a restricted shell and hijacking PATH to trick a setuid flaghasher binary into running cat instead of md5sum.

Category: PwnEasy

PicoCTFApr 11, 2025

Hash Only 1 — PicoCTF 2025

Writeup for the Pwn challenge Hash Only 1 from PicoCTF 2025. Exploiting a setuid flaghasher binary via PATH hijacking to substitute md5sum with a custom script that spawns a root shell.

Category: PwnEasy

PicoCTFApr 10, 2025

PIE Time 2 — PicoCTF 2025

Writeup for the Pwn challenge PIE Time 2 from PicoCTF 2025. Leaking a runtime address via format-string vulnerability then calculating the win function address to bypass PIE and redirect execution.

Category: PwnMedium

PicoCTFApr 9, 2025

PIE Time — PicoCTF 2025

Writeup for the Pwn challenge PIE Time from PicoCTF 2025. Computing the offset between main and win then using the leaked runtime main address to redirect execution to the win function.

Category: PwnEasy