hqli-me (SekaiCTF 2025)

turning HQL injection into code execution

May 14, 2025

vite (SekaiCTF 2025)

novel prototype pollution gadget in node.js 24 gives rce in vite preview server

May 14, 2025

funny-lfr (SekaiCTF 2024)

race condition in starlette FileResponse allows reading procfs files

August 27, 2024

calcql (SekaiCTF 2024)

how to use monotonic aggregates in CodeQL

August 27, 2024

lookup (SekaiCTF 2024)

path confusion between com.sun.net.httpserver.HttpServer and nginx, exploit JNDI injection in high level jdk usign new commons-scxml gadget

August 27, 2024

UIUCTF 2023 - adminplz

dangling markup injection via log poisoning to bypass strict CSP and leak a session token

July 27, 2023

Rootme - Hardened Binary 4

exploiting a 32-bit ELF with full RELRO, stack canary, and NX via a format string vulnerability

July 25, 2023

HTB - RegistryTwo

HTB machine involving Tomcat RCE, RMI path traversal, and a custom Java deserialization chain

July 24, 2023