Crew CTF 2025
A mostly solo run through two excellent obfuscation challenges, including a First Blood nearly 18 hours ahead of the second solve.
I ended up playing most of CrewCTF 2025 on my own, so our final placement was not particularly impressive. Still, I had a great time with the event because its obfuscation challenges were exactly the kind of reversing problems I enjoy.
The highlight was Flag Checker, a genuinely difficult challenge that took a mix of deobfuscation, dynamic analysis, and VM reversing. I managed to get First Blood, roughly 18 hours before the second solve appeared, which made the result especially satisfying.
Looking back, Flag Checker was one of the most enjoyable challenges I solved this year—and also one of the most valuable from a learning perspective. It forced me to decide which parts of the obfuscation were worth removing completely and which parts were better handled through alternative analysis techniques.
Below are my write-ups for the two reversing challenges I solved during the event:
Write-ups
WASM Vault
An obfuscated WebAssembly challenge. I converted the module with wasm2c, rebuilt it as an x64 binary, and analyzed the opaque predicates in a more familiar environment.
Flag Checker
A heavily obfuscated flag checker that breaks conventional decompilation and eventually leads into a custom VM. This write-up covers control-flow recovery, runtime analysis, and the techniques that led to the First Blood.
