This was a super interesting challenge to me. If you want to follow along, the files are archived here. At a basic level the challenge setup is that you can send shellcode for an “unknown” architecture, namely SW64, to a remote service that will execute it and return a single value. The Challenge Setup Starting…
Building a POC for CVE-2021-40438
If you’re blue team and want to know what an exploit for this looks like for filtering purposes I’ve added that information for you in…
Dipping into windows kernel exploitation with HEVD
After playing around with HEVD by following the excellent blog post here and managing to have some first success. I wanted to look into some…
Git Rekt #2 – Steghide
A while ago at our CTF meetup we were talking about the exploit exploit and got talking about other common CTF tools and what could…
Git Rekt #1 – Siim/ftp
The idea After doing the writeup for the iCTF babyshop challenge I’ve been unsure what to write about, even though I felt like I wanted…
ICTF baby_shop Writeup
So on our regular CTF meetup last week, a friend told me about a pwn challenge he had tried at a recent CTF and failed,…