Recent posts

LearnStream - CyCTF2023 Finals

10 minute read

LearnStream is a very well-designed web challenge by Abdelrahman Adel. The registration functionality has a JSON interoperability vulnerability that…

theRFC - CyCTF2023 Finals

2 minute read

theRFC is a very nice web challenge in the CyCTF 2023 finals. The web application is written in Flask and has a very obvious…

Allsafe Android Walkthrough - Part 2

5 minute read

Allsafe is just another intentionally vulnerable Android application. The app is built with Kotlin and contains many vulnerabilities with a nice…

Allsafe Android Walkthrough - Part 1

10 minute read

Allsafe is just another intentionally vulnerable Android application. The app is built with Kotlin and contains many vulnerabilities with a nice...

HTB: Cereal

18 minute read

Cereal is the single most amazing box I’ve done on Hack The Box. It starts by finding the ASP.NET Core source code of the application running on port 443, rev...

HTB: CrossFit

14 minute read

I loved CrossFit. It was a really tough box that forces you to write exploits in JavaScript, C, Python and Bash. It starts by finding a subdomain in an SSL ce...

SecureishShell – 0xL4ugh CTF

5 minute read

SecureishShell is a bit different to write about, since I built it. My goal is to introduce something that I rarely see in challenges, which is Keymap walkin...

CyberTalents: Crashed

6 minute read

Crashed is rated as a Hard machine that starts with an anonymous SMB share folder that contained an executable and a DLL. Upon fuzzing the executable I find…