Writeup for #808080 from EHAX CTF 2026. A miscellanious challenge requiring generation of a 5-bit Gray Code sequence to decode a custom Caesar cipher.
Writeup for Chusembly from EHAX CTF 2026. A miscellanious challenge involving sandbox escape and arbitrary Python code execution via an unrestricted custom assembly interpreter.
Writeup for Epstein Files from EHAX CTF 2026. A web challenge involving bypassing an AI model accuracy check by brute-forcing predictions and spoofing X-Forwarded-For to bypass rate limits.
Writeup for Breathing Void from EHAX CTF 2026. A miscellanious forensics challenge involving isolating covert timing channels from huge pcap noise.
Writeup for Flight Risk from EHAX CTF 2026. A web challenge demonstrating React Flight deserialization (react2shell) and bypassing a WAF for RCE on a Next.js application.
Writeup for Kaje from EHAX CTF 2026. A reverse engineering challenge involving analyzing an ELF64 binary to understand its custom MurmurHash3-based PRNG keystream, and exploiting the environment-based seed branching.
Writeup for Quantum Message from EHAX CTF 2026. A forensic audio challenge analyzing high-speed custom DTMF-style symbol transmission and extracting the encoded decimal streams.
Writeup for tictactoe from EHAX CTF 2026. A web challenge that involves exploiting server-side trust by bypassing dimension checks in a classic 3x3 game API.
