Turns out generating endless login URLs isn’t such a great idea.

Writeup, solution, and pitfalls of an Intigriti XSS challenge involving a prototype pollution vulnerability.

How a simple PDF export feature and ignored security recommendations allowed reading arbitrary server files

Introduction The challenge site offers a nice interface which allows you to enter a username and answer to the following question: Have you ever played this game?. On submitting the same page is r...

My build Just a couple of weeks ago I finished my personal 8-bit computer build inspired by ben eater. I learned a lot during the design and troubleshooting process. My build differs only slightly ...

TL;DR; Because of PostgreSQL Planning and Optimization, Blind-Error Based Sql-Injection payloads like this: SELECT CASE WHEN (YOUR-CONDITION-HERE) THEN cast(1/0 as text) ELSE NULL END won’t work...

Introduction A couple weeks ago I got a notification, informing me of Michael Stepankin’s new research about an insecure deserialization in Java. It’s been a while since I solved an old PHP deseri...

Introduction From the main site we can see that the captcha logic is processed by the /captcha.php site. This end point ends up being vulnerable to rXss. Another thing to note is that we can contr...

This is the second part Of OverTheWire’s Narnia CTF Writeup covering all the final levels from 5 to 9. Let’s start! Narnia5 Let’s start off by taking a look to the source code: #include <stdio...

Intro Hello everyone. This will be the first of my two posts about Over The Wire’s Narnia CTF. Today i will cover how i got the solution going from level 1 to 5. Let’s jump right into it! Not...