Stickied Posts

Recent Posts

BSides SF CTF 2018 - Gorribler (Pwn)

15 minute read

Execute arbitrary shellcode by writing to the buffer by calculating values that provide the right values when simulating a projectile’s trajectory.

Midnight Sun 2018 - Botpanel (Pwn)

6 minute read

Multiple vulnerabilties involving formats strings and unsafe threaded access to shared variables in a 32 bit ELF binary allows an attacker to obtain remote c...

HITB GSEC Qualifiers 2018 - Upload (Web)

2 minute read

The FindFirstFile() function in the Windows API can cause odd behaviour in PHP applications running on Windows. We leverage this to leak information about th...