Skip to content
/ CTF Public

This repo includes CTF solutions for challs that I learned something new.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AlbertoFDR/CTF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
2023
2023
 
 
2024
2024
 
 
README.md
README.md
 
 

Repository files navigation

2024

  1. IrisCTF
    • web:
      • lamenote: 'XS leak' using CSP restriction and history.length.
  2. Akasec
    • web:
      • HackerNickname: JacksonInject, curl globbing and Java Class Instance of org.springframework.context.support.FileSystemXmlApplicationContext.
  3. GreyCTF
    • web
      • CSS exfiltration
  4. OpenECSC
  5. JustCTF
    • web (backslash): nginx njs and proxy pass.
    • web (PocketBase): ¿mutation? XSS.

2023

  1. NahamCon
    • pwn:
      • pwn_weird_cookie: Custom Canary Exfiltration and ret2libc.
  2. ProjectSekai
    • rev:
      • AzusawaGachaWorld: Proxying the connections from the binary (game) to the endpoint.
    • web:
      • ScannerService: Bypass for Command Injection in Nmap params.
      • Frog-WAF: SSTI in Java (buildConstraintViolationWithTemplate). Character Bypass using [] and getSize().
      • GolfJail: WebRTC CSP Bypass and XSS.
  3. Random
    • web:
      • Mizu's chall: DOM Clobbering.

About

This repo includes CTF solutions for challs that I learned something new.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages