the cr0wn

The UK’s Top Competitive Cyber Security Team

  1. WPICTF 2019: breakingin (pwn)

    For this challenge we were given SSH credentials and told that there was an SSH server listening on localhost on breakingin.wpictf.xyz, but the firewall was blocking external access to this server. However there was a ‘weird’ service listening on port 31337. …


  2. PlaidCTF 2019: Triggered (web)

    For this challenge we have an utter atrocity against mankind, a webserver written entirely in SQL. …


  3. VincCTF 2018

    This was a very enjoyable cryptography-only CTF. It explored common implementation errors in modern cryptosystems, with a focus on elliptic curve signatures, broken combination ciphers, and cryptocurrencies. …


  4. SECCON 2018: Ghostkingdom (web)

    This is a writeup of the Ghostkingdom web challenge from SECCON 2018 Online CTF. …