My challenges

I’ve been writing challenges since 2022, which is not a long time, but all of my challenges have more or less been scattered throughout the wind. This is my attempt to consolidate the ones I wrote.

MAPLECTF

  • Honksay
    • XSS with object bypass
  • Viene Library
    • Prototype Pollution to leverage PUT request-based header overrides in Ruby
  • Art Gallery
    • TLS poison -> FTP -> Redis SSRF chain for deserialization RCE
  • JUJUTSU KAISEN
    • POST-based img-tag XSSI -> ESI injection -> img-creation primitive oracle -> XS-leak

PBCTF

  • Makima
    • FastCGI PHP and nginx path resolution for PHP RCE combined with X-Accel-Redirect header SSRF

GOOGLE CTF

  • Veggie Soda
    • CSRF bypass to TypeScript type-confusion deserialization, causing pop chain-esque effects to pop XSS

HTB

  • Redwave
    • Golang -> Ruby JSON parsing differential + SSRF bypass with header parsing differential + Ruby deserialization RCE