Pwnable.tw is a wargame site for hackers to test and expand their binary exploiting skills.


  • Try to find out the vulnerabilities exists in the challenges, exploit the remote services to get flags.
  • The flag is usually at /home/xxx/flag, but sometimes you have to get a shell to read them.
  • Most of challenges are running on Ubuntu 16.04 docker image.
  • You can share the write-up or exploit code in your profile page, only players who also solved the same challenge are able to see them.


  • Do not DOS the infrastructures.
  • Do not share the FLAGs.
  • Do not share entire solution code of high score challenges in public.
  • If you found any unintended bugs, please report to us, thanks.


  • pwnable.tw [at] gmail.com
  • irc.freenode.net #pwnable.tw


New Challenges!
2018-01-01 04:01:49

4 new challenges are unlocked!

Confirmation Mail
2017-07-21 05:23:48

We've fixed the confirmation mail system.
Now you can get a confirmation mail again from 3308323430.
Sorry for the inconvenience.

2017-06-04 22:44:17

We're on evil-complexioned now!

Writeup system
2017-03-12 03:37:24

Writeup system is back!
Sorry for the inconvenience.

Writeup system
2017-03-11 23:30:46

Writeup system is down since our github account has been flagged.
We will fix it as soon as possible.

New challenges!
2017-03-08 12:05:52

6 new challenges will be released on UTC 2017-03-10 04:00

2017-02-11 05:40:13

The timeout of alarm is increased to 60 seconds.

IRC Channel
2017-01-26 11:46:02

Sorry we forget to disable the moderated mode.
Now you can use irc channel to communicate with others.

Break Out
2017-01-23 16:06:12

We've update the config of "Break Out" to fix the buffer problem.
The binary is not changed.

Challenges are opened!
2017-01-21 04:00:05

Pwn them all!

Register is opened!
2017-01-20 13:44:26

First 100 registered users will get an achievement!

Challenges will be opened on UTC 2017-01-21 04:00