Blog

Veggie Soda | Google CTF 2023

July 21, 2023 - Andrew Kuai

web deno serialization csrf xss javascript

Rabbits, Denosaurs, and misinterpreted sodas brew a wonderful XSS!
Minimal Natural Instruction Structural Transformation | Bucket CTF 2023

April 8, 2023 - Ronak Badhe

misc ai autoencoder

Writing a decoder for an autoencoder trained on the MNIST dataset!
pwn/bop | DiceCTF 2023

March 17, 2023 - Alexander Zhang

pwn rop seccomp

Reading and printing the flag with a ROP chain
My ECC Service | pbctf 2023

February 19, 2023 - Arnav Vora

crypto ECC Pohlig-Hellman discrete-logarithm

Cracking an ECC service using discrete logarithms.
The Triple Blockchain Writeup | X-MAS CTF 2022

December 23, 2022 - Andrew Kuai

blockchain misc soldity

A few Solidity smart contract vulnerabilities and information about Ethereum internals leading to a set of flags!
Developer's Hubris | Square CTF 2022

December 21, 2022 - Andrew Kuai

web serialization java

A Java Spring boot deserialization vulnerability that leads to RCE!
rev/osu? | Buckeye CTF 2022

November 13, 2022 - Jason An

rev opengl

A 50,000 thread flag checker VM implemented in OpenGL.
Quadprime RSA | BuckeyeCTF 2022

November 7, 2022 - Gary Song

crypto rsa

Just use random primes.