Posts by Category

CVE-2021-41773
- Hacking Apache servers like it's 2004 (CVE-2021-41773)

CVE-2021-42013
- Hacking Apache servers like it's 2004 (CVE-2021-41773)

CVE-2022-24735
- Discovering a 2-year old priv-esc in Redis(CVE-2022-24735)

CVE-2022-24736
- Discovering a 2-year old priv-esc in Redis(CVE-2022-24735)

CVE-2024-42478
- Pwning LLaMA.cpp RPC Server

CVE-2024-42479
- Pwning LLaMA.cpp RPC Server

CodeQL
- Hunting bugs in Nginx JavaScript engine (njs)

afl
- Fuzzing with AFL | Part 2: Trying Smarter(Apache)
- Fuzzing with AFL | Part 1: Trying Harder(Redis)

android
- Matrix CTF 2021 - 'Agent Man' writeup (Android)

apache
- Fuzzing with AFL | Part 2: Trying Smarter(Apache)
- Compiling/Debugging Apache
- Hacking Apache servers like it's 2004 (CVE-2021-41773)
- perfect-blue CTF 2020 - 'Apoche' writeup (web)

block-cipher
- KAF CTF 2020 - 'SSE_KEYGENME' writeup (rev)

browser
- Hunting bugs in Nginx JavaScript engine (njs)

browsers
- Pwning mjs for fun and SBX

c++
- LibJS exploitation: 'broobwser' writeup
- Pwning C++: placemat writeup

challenge
- Reverse Engineering a Kernel Driver chall

ctf
- BsidesTLV 2023 - 'Zen(d) Master' writeup (pwn)
- Pwning mjs for fun and SBX
- INTENT-CTF 2022: PwnMe writeup
- LibJS exploitation: 'broobwser' writeup
- Pwning C++: placemat writeup
- MatrixCTF 2022 - 'Mirror' writeup(pwn)
- TamilCTF - Pwn challs solutions
- BSidesTLV CTF 2021 - 'Rainy Redis' writeup (pwn)
- ICHSA CTF 2021 - 'Epic Game' writeup (pwn)
- OMH CTF 2021 - 'Framed' writeup (pwn)
- Matrix CTF 2021 - 'Roulette' writeup (pwn)
- Matrix CTF 2021 - 'Agent Man' writeup (Android)
- Shabak CTF 2021 - 'BabyRISC' writeup (pwn)
- XMAS CTF 2020 - 'lil wishes db' writeup (pwn)
- boot2root CTF 2020 - 'Canned' writeup (pwn)
- perfect-blue CTF 2020 - 'Sploosh' writeup (web)
- perfect-blue CTF 2020 - 'Apoche' writeup (web)
- perfect-blue CTF 2020 - 'Amazing ROP' writeup (pwn)
- Dragon CTF 2020 - 'Harmony Chat' writeup (web)
- JISCTF 2020 - 'Ransomware' writeup (rev)
- KAF CTF 2020 - 'SSE_KEYGENME' writeup (rev)
- NACTF 2020 - 'Format' writeup (pwn)

debug
- Compiling/Debugging Apache

dev
- GenesisOS: Publishing my micro-kernel!

dev-env
- Compiling/Debugging Apache

embedded
- Exploiting n-day in Home Security Camera

emulator
- Shabak CTF 2021 - 'BabyRISC' writeup (pwn)

epic-games
- Reverse Engineering Jazz Jackrabbit 2

fastbin-dup
- TamilCTF - Pwn challs solutions

firebase
- Firebase Applications – The Untold Attack Surface

firebase-security
- Firebase Applications – The Untold Attack Surface

format-string
- NACTF 2020 - 'Format' writeup (pwn)

fortify
- boot2root CTF 2020 - 'Canned' writeup (pwn)

fsb
- Matrix CTF 2021 - 'Roulette' writeup (pwn)
- NACTF 2020 - 'Format' writeup (pwn)

ftp
- Dragon CTF 2020 - 'Harmony Chat' writeup (web)

fuzzing
- Fuzzing with AFL | Part 2: Trying Smarter(Apache)
- Fuzzing with AFL | Part 1: Trying Harder(Redis)

graphql
- Hacking GraphQL Applications

heap
- TamilCTF - Pwn challs solutions

integer-overflow
- ICHSA CTF 2021 - 'Epic Game' writeup (pwn)

intent
- INTENT-CTF 2022: PwnMe writeup

interpreters
- BsidesTLV 2023 - 'Zen(d) Master' writeup (pwn)

iot
- Exploiting n-day in Home Security Camera

javascript
- Hunting bugs in Nginx JavaScript engine (njs)
- Pwning mjs for fun and SBX

jazz-jackrabbit
- Reverse Engineering Jazz Jackrabbit 2

jit
- LuaJIT Internals(Pt. 3/3): Crafting Shellcodes
- LuaJIT Internals(Pt. 2/3): Fighting the JIT Compiler
- LuaJIT Internals(Pt. 1/3): Stepping into the VM
- LuaJIT Internals: Intro

jit-engine
- BsidesTLV 2023 - 'Zen(d) Master' writeup (pwn)

jj2
- Reverse Engineering Jazz Jackrabbit 2

kernel
- Reverse Engineering a Kernel Driver chall
- GenesisOS: Publishing my micro-kernel!

llama-cpp
- Pwning LLaMA.cpp RPC Server

lpe
- Reverse Engineering a Kernel Driver chall

lua
- LuaJIT Internals(Pt. 3/3): Crafting Shellcodes
- LuaJIT Internals(Pt. 2/3): Fighting the JIT Compiler
- LuaJIT Internals(Pt. 1/3): Stepping into the VM
- LuaJIT Internals: Intro

luajit
- LuaJIT Sandbox Escape: The Saga Ends

nday
- Exploiting n-day in Home Security Camera

njs
- Hunting bugs in Nginx JavaScript engine (njs)

osdev
- GenesisOS: Publishing my micro-kernel!

packer
- Loading an ELF without the execve syscall

php
- BsidesTLV 2023 - 'Zen(d) Master' writeup (pwn)
- Research Publication: Pwning PHP7 Internals (Zend engine)

php7-internals
- Research Publication: Pwning PHP7 Internals (Zend engine)

privilege-escalation
- Discovering a 2-year old priv-esc in Redis(CVE-2022-24735)

pwn
- Pwning LLaMA.cpp RPC Server
- Reverse Engineering a Kernel Driver chall
- Hunting bugs in Nginx JavaScript engine (njs)
- Exploiting n-day in Home Security Camera
- BsidesTLV 2023 - 'Zen(d) Master' writeup (pwn)
- Pwning mjs for fun and SBX
- LuaJIT Sandbox Escape: The Saga Ends
- INTENT-CTF 2022: PwnMe writeup
- LibJS exploitation: 'broobwser' writeup
- Pwning C++: placemat writeup
- MatrixCTF 2022 - 'Mirror' writeup(pwn)
- Fuzzing with AFL | Part 2: Trying Smarter(Apache)
- Fuzzing with AFL | Part 1: Trying Harder(Redis)
- Hacking Apache servers like it's 2004 (CVE-2021-41773)
- TamilCTF - Pwn challs solutions
- BSidesTLV CTF 2021 - 'Rainy Redis' writeup (pwn)
- ICHSA CTF 2021 - 'Epic Game' writeup (pwn)
- OMH CTF 2021 - 'Framed' writeup (pwn)
- Matrix CTF 2021 - 'Roulette' writeup (pwn)
- Shabak CTF 2021 - 'BabyRISC' writeup (pwn)
- XMAS CTF 2020 - 'lil wishes db' writeup (pwn)
- boot2root CTF 2020 - 'Canned' writeup (pwn)
- perfect-blue CTF 2020 - 'Amazing ROP' writeup (pwn)
- NACTF 2020 - 'Format' writeup (pwn)
- Research Publication: Pwning PHP7 Internals (Zend engine)

redis
- Discovering a 2-year old priv-esc in Redis(CVE-2022-24735)
- Fuzzing with AFL | Part 1: Trying Harder(Redis)
- BSidesTLV CTF 2021 - 'Rainy Redis' writeup (pwn)

rev
- Matrix CTF 2021 - 'Agent Man' writeup (Android)
- JISCTF 2020 - 'Ransomware' writeup (rev)
- KAF CTF 2020 - 'SSE_KEYGENME' writeup (rev)
- Reverse Engineering Jazz Jackrabbit 2

risc
- Shabak CTF 2021 - 'BabyRISC' writeup (pwn)

rop
- perfect-blue CTF 2020 - 'Amazing ROP' writeup (pwn)

sandbox
- LuaJIT Sandbox Escape: The Saga Ends

security camera
- Exploiting n-day in Home Security Camera

shabak
- Shabak CTF 2021 - 'BabyRISC' writeup (pwn)

srop
- TamilCTF - Pwn challs solutions

ssrf
- perfect-blue CTF 2020 - 'Sploosh' writeup (web)

stack-canary
- boot2root CTF 2020 - 'Canned' writeup (pwn)

syscall
- MatrixCTF 2022 - 'Mirror' writeup(pwn)

tapo c100
- Exploiting n-day in Home Security Camera

tp-link
- Exploiting n-day in Home Security Camera

type-juggling
- XMAS CTF 2020 - 'lil wishes db' writeup (pwn)

uninitialized-variable
- OMH CTF 2021 - 'Framed' writeup (pwn)

web
- perfect-blue CTF 2020 - 'Sploosh' writeup (web)
- perfect-blue CTF 2020 - 'Apoche' writeup (web)
- Dragon CTF 2020 - 'Harmony Chat' writeup (web)
- Firebase Applications – The Untold Attack Surface
- Hacking GraphQL Applications

websocket
- Dragon CTF 2020 - 'Harmony Chat' writeup (web)

windows
- INTENT-CTF 2022: PwnMe writeup

wmctf
- LibJS exploitation: 'broobwser' writeup

zend-engine
- Research Publication: Pwning PHP7 Internals (Zend engine)

zned
- BsidesTLV 2023 - 'Zen(d) Master' writeup (pwn)