This blog post is a tutorial on how to add liquidity to receive LP tokens and use Farms to earn MEX in Maiar Exchange.

Our goal is to add a liquidity token of ELGD/MEX. I assume you have already login and swap the needed tokens.

Before we start everything, let's check our balance. Simply click the wallet address in the upper right corner.


If you haven’t read yet the first challenge you can visit the link below

Challenge: NoteQL

Category: Web

The application is a note-taking application that uses GraphQL to save and fetch notes. I forgot to screenshots the main page of the challenge but our goal is to get the Hidden/Admin Notes.

I use Burpsuite to observe the GraphQL request and response.


Hack The Box (HTB) hosted its very first “corporate only” CTF this past weekend which is called HTB Business CTF 2021.

Hackthebox Business CTF 2021

My friend invited me to join their team. So without further ado, let's get into it.

Challenge: Time

Category: Web

Get the current date and time, anytime, anywhere!


rootcon recovery mode

For this post, I will write our team’s solutions for the Web challenge — Wizardry. If you haven’t read yet my previous post on Forensics Challenge you may visit here:

https://medium.com/@fr4nc1stein/rootcon-recovery-mode-ctf-forensics-warm-up-660254c8d176

Let’s start.

Challenge Writeups

Category: Web

Challenge: Wizardry

Points: 300


rootcon recovery mode edition

My friends and I participated in Rootcon Recovery Mode CTF this year. This is my 2nd time to join Rootcon CTF, and for this year, as expected the country’s best and experienced teams are competing. My team manages to pass the qualifiers and move to the finals (without my help) since I was asked to join the team after and in short notice.

This year CTF is different, and the challenges are frustratingly hard, but it was fun. There are different categories for each challenge to solve, and from those choices, I tried one first from Forensic, which is not…


Hey guys, Friendzone Challenge was retired in hackthebox and here’s my writeup. Friendzone is a good challenge for me, here’s the ip 10.10.10.123.

First thing we start with nmap.

nmap -sC -sV -T 10.10.10.123


The paragraph below opened the challenged

Brainy likes playing around with esoteric programming. He also likes math and has therefore encrypted his very secure password with a popular encryption algorithm. Claiming that his password cannot be retrieved now, he has sent the ciphertext to some of his friends. Can you prove to Brainy that his password can actually be recovered?

From there I got a clue and search online regarding Esoteric Programming. The challenge is more on Crypto so I dig more on “Esoteric Programming Decoder” which return two results that caught my attention.

  1. https://www.dcode.fr/ook-language
  2. https://www.dcode.fr/brainfuck-language

I opened the brainy.txt…


On this blog post, I will explain how I solved the challenge from hackthebox under web category which is called “Grammar”.

Grammar Challenge

By running the instance, I started to explore the web challenge by opening the link given. A forbidden error prompt after loading the given url.

Al Francis

Co-Founder of Kalasag and Project Access Granted Society. A Certified Ethical Hacker,EC-Council Certified Incident Handler and Certified Blockchain Developer.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store