A blog about cybersecurity by Cybix AB

Writeup for Cyber Apocalypse CTF 2024 challenge Confinement


Hack The Box arranged Cyber Apocalyse 2024 between 9 Mar - 14 Mar. It was a five day event with a 20 person per team limit. This CTF is in the usual Jeopardy style and divided into categories of misc, reversing, forensics, web, crypto, pwn, blockchain and hardware. As you can see a lot of players joied for this years event. There’s plenty of challenges to choose from but the ones that involved most members from our team this year was a challenge called Confinement.…
Read more ⟶

1337 Santas Nice List


Santa Claus, the merry overseer of the North Pole, recently declared himself an ’elite hacker’. Brimming with confidence, he set out to master the intricacies of C programming and Python scripting, envisioning a high-tech revolution for his workshop. However, Santa’s understanding of these programming languages was as muddled as a blizzard, and his grasp on Linux permissions was as unstable as a sled on thin ice. The centerpiece of Santa’s digital foray was his treasured ‘Nice List’ web app, which, contrary to tradition, catalogued the world’s most commendable ethical hackers.…
Read more ⟶

Writeup for the easy ranked Hack The Boo CTF challenge Pinata


Recon It’s october and Cybersecurity awareness month and a lot of events are going on in the Cybersecurity arena. We found out about Hack The Boo CTF that goes on in parallell with Huntress CTF. I was already heavily invested in that one but what can be more fun than one CTF? Maybe two at the same time!! :) This is how the CTF is described: Are you afraid of the dark?…
Read more ⟶

Exploiting CVE-2023-38831 with my bare hands


This time I thought we should take look at a new CVE and dig in to some of it’s inner workings. I will try to show how simple it is to exploit as soon as there are publicly known details. The question here is if it was more dangerous as a zero day or is it more dangereous now when there are free PoC:s for everybody to use? This is what I will be trying to do:…
Read more ⟶