vicevirus’ Blog
Yo, welcome to my blog! I write tech stuff and play CTFs for fun. (still a noob)
Wargames.my WGMY 2024 Web Write-up
Wargames.my 2024 Web Writeup - Writeup on some of the web challenges in WGMY 2024. Twig php argc_argv template injection, kubernetes auth vault reading, vulnerable Wordpress plugin leading to LFI/LFR, OpenRASP bypass by loading custom/external class
BackdoorCTF'24 Writeup
BackdoorCTF'24 Writeup - Some of the web challenges. Prompt injection, DOM Clobber, CSS Injection through font-face.
🔎 spatie/browsershot ≤ 5.0.0: Improper Input Validation Leading to Local File Read (LFR) CVE-2024-21544
Improper Input Validation in spatie/browsershot ≤ 5.0.0. CVE-2024-21544
ASEAN Cyber Shield 2024 Prelim and Finals Write-up
ASEAN CYBER SHIELD HACKING CONTEST 2024 - Prelim & Finals Write-up of challenges that I managed to solve
Battle of Hackers 2024 (BOH/IBOH 2024) Local Category - Web Writeup
BOH/IBOH 2024 - All Web challenges writeup. Bunch of web stuff
Siber Siaga I-Hack 2024 Semi-Final Attack Defense CTF Write-up
A&D CTF in Malaysia. Solutions and methods of persistence.
Siber Siaga I-Hack 2024 Qualifier Write-up
All web solutions except for Pinger. LIttle bit of RE, DFIR and Malware.
Hacktheon Sejong 2024 Finals Web Write-up
Reversing WASM, React compiled code and exploring through Django
Wani CTF 2024 Web Write-up
<meta> tag redirect to XSS and hijacking timeserver by hosting your own