24/03/2025
Limited 1, 2 and 3
16/12/2024
Bypass authentication via jwt jku, then empty crypto wallet
15/12/2024
Obtain access to the admin’s account, achieve code execution by dispatching weapons and retrieve the flag
26/05/2024
This years Sthack CTF took place the 24th of May. You can find a description of this event here.
For the last three years, the Non-Profit Hack4Values has been working with the Sthack to offer a private bug bounty program to help NGOs strengthen their digital security. The bug bounty program starts one week before the CTF, and ends around 11pm, during the competition.
I spent the first few hours of the CTF finishing my report for the bug bounty, and found a critical vulnerability!
21/04/2024
This challenge was created by shoxxdj for an edition of the Sthack from a few years ago. During our infosec lab, we were given the opportunity to try this challenge, as we were too young to have participated in the ctf where it was given.
Before starting, I know the scripts that I created for this chall are not the cleanest and do not use best practices, but they were useful at the time to solve it.