Posts
- Reviving modprobe_path technique (again) July 3, 2026Finding new and easier ways to call modprobe during a CTF challenge
- snalloc - Lake CTF 2025 March 1, 2026Exploiting a custom allocator with massive feng shui leaklessly
- cherry - Mimic Defense CTF December 12, 2025Hacking the jerryscript js engine in a chinese CTF
- htaas - UofT CTF 2025 January 15, 2025OOB in hashtables leads to arbitrary code execution
- heap_master - n1ctf 2024 January 9, 2025Pwning the kernel via cross-cache UAF and PTE corruption
- TOY/2 - SECCON CTF 13 November 24, 2024Leakless vm escape using an off-by-one bug
- Java? - Securinets CTF Quals 2024 October 21, 2024Hacking Java using a format string bug
- physler - BRICS CTF 2024 October 20, 2024Exploiting a physical address arbitrary read/write
- chains - BRICS CTF 2024 October 18, 2024Using proxy chains to pwn the remote server
- TLN - snakeCTF 2024 September 9, 2024Weird C++ keyword for the win
- My own kernel fuzzer - lxfuzz September 7, 2024Writing a kernel fuzzer from scratch
- the ring - BlackHat MEA CTF 2024 September 2, 2024Exploiting a C++ FLAC parser to get the flag
- valorn't - PlaidCTF 2024 April 23, 2024Bypassing all the easy swear word filters
- Exploiting the kernel - CVE-2022-24122 March 12, 2023Exploiting an UAF decrement to achieve LPE
- Jailbreaking iOS 9.3.5 - CVE-2016-4669 March 1, 2022Implementing a PoC for an iPad 2
- Software and hardware fundamentals March 1, 2022Notes about basic computer knowledge
- About January 1, 1970About me