CTF Writeups | THE SANDF | Security Researcher / Cross-chain Engineer

2025

Ethernaut - Coin Flip

Exploiting weak on-chain randomness using a smart contract. Learn how transaction execution order and historical block data make deterministic randomness highly exploitable.

t thesandf
July 3, 2025
3 min read

solidity security randomness ethernaut ctf
Damn Vulnerable DeFi - Free Rider

Exploiting msg.value reuse in batch processing. Learn how to combine Uniswap V2 flash swaps with a faulty NFT marketplace loop to drain an entire collection for the price of one.

t thesandf
July 2, 2025
1 min read

solidity security nft flash-loan msg-value-reuse audit damn-vulnerable-defi ctf
Ethernaut - Fallout

Exploiting a simple typographical error in a smart contract constructor. Learn how a single character typo can turn a critical initialization function into a public exploit vector.

t thesandf
July 2, 2025
2 min read

solidity security initialization ethernaut ctf
Damn Vulnerable DeFi - Unstoppable

A masterclass in Denial of Service (DoS) via ledger inconsistency. Learn how a single permissionless transfer can permanently paralyze an ERC4626 vault.

t thesandf
July 1, 2025
3 min read

solidity security erc4626 dos audit damn-vulnerable-defi ctf