Posts on Pwn-la-Chapelle

Intro Workshops 2026

Tue, 14 Apr 2026 12:00:00 +0000

Are you interested in CTFs and Cybersecurity? Do you want to get started, but don’t know how?
We are thrilled to announce that we will be hosting a series of introductory workshops this semester!

Author Writeup – Haix-La-Chapelle CTF 2025: Ghostbusters

Mon, 08 Dec 2025 01:00:00 +0000

This is a writeup for the challenge “Ghostbusters” I submitted to Haix-La-Chapelle CTF 2025, which was the first CTF challenge I’ve ever created. I often see Ghostscript used in the wild in various ways in pentests, which is why I wanted to write a challenge about it for quite a while. If you are interested in this topic, my colleagues and I have also written a blog post about Ghostscript exploiting and published some useful exploit scripts for attacking Ghotscript.

Writeup - GlacierCTF 2025: typstmk

Mon, 24 Nov 2025 21:34:53 +0000

A misc challenge by ecomaikgolf.com, solved by Trayshar (with support from Romern, vincentscode)

Challenge

The cutting-edge Typst build tool, now with extra compilations!

Haix-la-Chapelle 2025

Wed, 08 Oct 2025 16:20:00 +0000

We are happy to announce that we will be hosting our first ever CTF, Haix-la-Chapelle 2025, on the 29th of November! It will be a Jeopardy style CTF and will start at 10 am Berlin time, lasting for 24 hours.

Writeup – GPN CTF 2025: Honeypot

Mon, 23 Jun 2025 12:00:00 +0000

TLDR: Our commands trigger eBPF syscall hooks which each correspond to a move in a labyrinth. Once we beat the labyrinth, the hook decrypts the flag.

Writeup – GPN CTF 2025: Paranoid

Sun, 22 Jun 2025 12:00:00 +0000

Challenge Overview

Name: Paranoid
Category: Crypto
Points: 383/500
Solves: 6
Author: Alkalem
Challenge Files: paranoid.tar.gz
Flag Format: GPNCTF{…}

We are presented with a pseudo-random number generator that implements a linear congruential generator (LCG) with parameters that are themselves randomly generated at program start.

Writeup – bi0s CTF 2025: dont_whisper

Mon, 09 Jun 2025 12:00:00 +0000

1. Challenge Overview

many say that neural networks are non deterministic and generating mappings between input and output is non TRIVIAL

Intro Workshops 2025

Mon, 07 Apr 2025 12:00:00 +0000

Are you interested in CTFs and Cybersecurity? Do you want to get started, but don’t know how?
We are thrilled to announce that we will be hosting five introductory workshops this semester!

Deutsche Hacking Meisterschaft 2024

Thu, 18 Jul 2024 12:00:00 +0000

From July 10th to July 12th, we had the chance to participate in the first edition of the Deutsche Hacking Meisterschaft (DHM) in Bonn. This is the joint finals of the Cyber Security Rumble and the Cyber Security Challenge Germany.

Writeup - Deutsche Hacking Meisterschaft 2024: Parse my Postgres

Tue, 16 Jul 2024 12:00:00 +0000

A web challenge by 0x4D5A, solved by Vincent, Sven and Trayshar

Challenge

Ever found an 0-day in a 20k stars GitHub project? You can do now! A recent security advisory of the Parse Server disclosed a critical SQL injection vulnerability. The mitigation:

Writeup - Deutsche Hacking Meisterschaft 2024: Cute Big Cats

Tue, 16 Jul 2024 08:00:00 +0000

A crypto challenge by 0x4D5A and Rugo, solved by Euph0r14 and Trayshar

Challenge

Who doesn’t love Cute Big Cats? But the most beloved cat is the “flag cat”, only visibile to the admin user. Go grab it!

Writeup - Cyber Security Rumble 2024: Conspiracy Social

Sat, 18 May 2024 16:00:00 +0000

A web challenge by lukas, solved by Euph0r14, Danptr, Vincent

Challenge

Always wanted to start your own Conspiracy but got overwhelmed managing all the secret handshakes and passwords with your fellow conspirators? Then Conspiracy Social is the solution you’re looking for. We take all the hassle out of managing secret handshakes. With us you can always be sure that your conversation partner is who he pretends to be.

Writeup - Cyber Security Rumble 2024: MyFirstPythonSite

Sun, 12 May 2024 13:00:00 +0000

A web challenge by lukas2511, solved by Euph0r14, Danptr, Svido, nikgame33

Challenge

I’ve heard PHP is insecure, so I started writing my first website in Python instead!

Writeup - UMDCTF 2024: TripleDES

Fri, 03 May 2024 21:16:23 +0000

A crypto challenge by clam, solved by Trayshar and Euph0r14

Challenge

Before the Kwisatz Haderach, the Bene Gesserit used this oracle to predict the future.

Writeup - UMDCTF 2024: PaddingOracle

Fri, 03 May 2024 19:16:23 +0000

A crypto challenge by lily, solved by Trayshar and Euph0r14

Challenge

The Baron used AES128-CBC with PKCS#7 to hide the flag. Can you recover the flag using his padding oracle?

Writeup - DamCTF 2024: Tarrible Storage

Sun, 28 Apr 2024 07:34:53 +0000

A web challenge by M1ll_0n, solved by Trayshar

Challenge

Move over google drive, there’s a new file storage service in town: http://tarrible-storage.chals.kekoam.xyz