Intigriti's November 2025 CTF Challenge
November 24, 2025
Belgian ethical hacking platform Intigriti hosted a new CTF (Capture The Flag) challenge in November 2025.
- I uploaded a PDF containing my writeup that can be read below or downloaded here: PDF
The challenge was build around a weak server side JWT (JSON Web Token) check that could increase our application permissions which lead to Server Side Template Injection (SSTI). The Server Side Template Injection (SSTI) allowed to perform Remote Code Execution (RCE) to inject a reverse webshell and compromise the web server.
Embedded writeup PDF:
Latest Posts
- November CTF Challenge 2025 - Intigriti October CTF Challenge 2025 - Intigriti May XSS Challenge 2025 - Intigriti January XSS Challenge 2025 - Intigriti August CTF Challenge 2024 - Intigriti June XSS Challenge 2023 - Intigriti April CTF Challenge 2023 - Intigriti December XSS Challenge 2022 - Intigriti July XSS Challenge 2022 - Intigriti March XSS Challenge 2022 - Intigriti April XSS Challenge 2022 - Intigriti January XSS Challenge 2022 - Intigriti December XSS Challenge 2021 - Intigriti October XSS Challenge 2021 - Intigriti September XSS Challenge 2021 - Intigriti May XSS Challenge 2021 - Intigriti March XSS Challenge 2021 - Intigriti November XSS Challenge 2020 - Intigriti May XSS Challenge 2020 - Intigriti KIBA - Try Hack Me