I’ve been very interested in CodeQL since the moment I discovered its existence. Even though I did the tutorials back in the day, I knew I needed more knowledge and hands-on practice to be able to do something useful with it. So, as soon as it was announced, I decided I was going to participate in GitHub Security Lab CTF 4 - CodeQL and Chill. After some weeks of battling with it, I was able to deliver a solution and ended up getting the 5th position in the competition. Even though it’s not enough to get any of the prices, the experience alone was absolute worth the time invested. In the following link you can find the write-up and queries I delivered as my solution to the challenge. I hope you enjoy reading it (at leasy partly) as much as I did struggling to solve it!

Solution