Dropping my kernel exploitation notes I've been working on since I first started researching in this
I'll keep updating the repo so please, let me know if there's smthg unclear or must be fixed
You'll also find future writeups & challenges authored there.
https://t.co/lJGRItVkvo
I'am dropping a writeup for Two tasks released at @SecuriNets CTF Quals 2k23.
0 CSP: XSS through Service worker cache poisoning and CRLF injection.
Mark4archive: Race condition, Websocket request smuggling, LFI, Deserialization -> RCE.
https://t.co/7VAKCYz7GQ
I'll drop this here. An analysis for exploiting _dl_fini function in libc 2.31 and 2.35
In 2.31, we had plenty of attack points to control the execution flow.
In 2.35 __rtld_lock_lock_recursive became in a read only area so we have less options.
Enjoy.
https://t.co/AvZNO5ZpDk
We played bi0s CTF this weekend and got 8th, enjoyable and creative challenges. Forensics was really missed though!
Congratulations to our members and the other teams, and thanks to @teambi0s for the CTF ❤️
#ctf#cybersecurity#bi0sctf
We finished second in the MENA region and 15th globally out of 70 qualified teams, during the final round of the CSAW'22 CTF Competition, organized by Osiris Labs and the NYUAD.
Another milestone for this team ❤
Thank y'all!
#CSAW#InfoSec#CTFB
We finished 14th globally and 1st in MENA in @CSAW_NYUTandon CTF organised online last weekend, among 900 academic and international teams!
We can't wait to participate in the finals at @nyuabudhabi
Kudos to everyone in the team for their dedication and huge efforts ❤️
#CSAW#CTF
This was a great opportunity to learn, I'll be looking forward for the coming CTF.
This will be my first writeup, @YogoshaOfficial.
#YogoshaChristmas
https://t.co/B0UZoKNEAO