Currently making the solution for secure-email-serviceand the walkthrough will be published here as soon as it's ready.
Check back soon - or follow our latest updates on the homepage- to be notified when the full writeup goes live.
Want more picoCTF 2025 writeups?
Register with a UNION SELECT SQL injection payload as your username. When reports are generated, the injection extracts the flag from a hidden table.
Chain an XSLT injection with a Redis LRU side-channel to exfiltrate the admin's secret from this hardened web app.
A periodic-table themed web app with a multi-step server-side vulnerability. Chain SSTI or injection to traverse restricted paths and extract the flag.
Chain SSRF and injection in a cancer-research portal to pivot internally and leak the flag.
An upgraded frog-image generator with stricter input filters. Bypass the sanitization and exploit a server-side injection to execute commands and exfiltrate the flag.