Walk Off The Earth - TPCTF 2023 Luc1f3r 2023-11-30 Web tl;dr Mutation XSS using namespace confusion Parsing inconsistency in JSDOM Read More Writeup TPCTF mXSS
Awesomenotes II - Hack.lu CTF 2023 Z_Pacifist 2023-10-16 Web tl;dr XSS + HTML sanitization library (ammonia) bypass Namespace confusion in ammonia using custom allowed extra tags(math & style) Read More Writeup mXSS Hack.lu CTF 2023 Web
Vessel Cartographer - HTB CyberApocalypse 2023 retr0ds 2023-03-24 Reversing tl;dr Dynamically resolved hashed API Tls_call_back based anti-debug check AntiDebugFlag check implemented using ProcessInformationClass AES_CBC decryption of image to find flag Read More Writeup HTBCA23 Reversing AES_CBC
Lost Exponent - Pwn2Win 2021 xxMajinxx 2021-06-05 Misc tl;dr Reverse bytearray to recover matrix cflag. Use first element of matrix to recover e (bruteforce &iroot) Reduce the flag to finite field of a 32-bit prime, solve for each character. Read More Pwn2Win Writeup Misc Matrix
Mantis - Hack The Box 7h3M0nk 2021-03-31 HackTheBox tl;dr Kerberos Exploitation MS MySQL Server MS14-068 GoldenTicket Read More HackTheBox Writeup Mantis Goldenticket
Shocker - Hack the Box 7h3M0nk 2021-02-08 HackTheBox How to crack Shocker box without Metasploit. tl;dr ShellShocker exploit Apache mod_cgi Read More HackTheBox Writeup Shocker
TCalc - Hack.lu CTF 2019 slashb4sh 2019-10-26 Pwn tl;dr Linux heap exploitation with arbitary free vulnerability Read More Writeup CTF Pwn
remain - SECCON CTF Quals 2019 slashb4sh 2019-10-20 Pwn tl;dr linux heap exploitation challenge with glibc 2.30 Read More Writeup CTF Pwn