vicevirus’ Blog
Yo, welcome to my blog! I write tech stuff and play CTFs for fun. (still a noob)
CYDES 2025: ICS Cyber Siege CTF Experience + Prelim Web Writeup
CYDES 2025: ICS Cyber Siege CTF Experience + Prelims Web Writeup
🔎 Maybe whitelisting Cloudflare IPs isn’t always a good idea…
How whitelisting Cloudflare IP can be dangerous in certain cases
🔎 TeX-ing the Limits: When a Patch Falls Short (CVE-2025-26525)
LaTeX local file read vulnerability
Wargames.my WGMY 2024 Web Write-up
Wargames.my 2024 Web Writeup - Writeup on some of the web challenges in WGMY 2024. Twig php argc_argv template injection, kubernetes auth vault reading, vulnerable Wordpress plugin leading to LFI/LFR, OpenRASP bypass by loading custom/external class
BackdoorCTF'24 Writeup
BackdoorCTF'24 Writeup - Some of the web challenges. Prompt injection, DOM Clobber, CSS Injection through font-face.
🔎 spatie/browsershot ≤ 5.0.0: Improper Input Validation Leading to Local File Read (LFR) CVE-2024-21544
Improper Input Validation in spatie/browsershot ≤ 5.0.0. CVE-2024-21544
ASEAN Cyber Shield 2024 Prelim and Finals Write-up
ASEAN CYBER SHIELD HACKING CONTEST 2024 - Prelim & Finals Write-up of challenges that I managed to solve
Battle of Hackers 2024 (BOH/IBOH 2024) Local Category - Web Writeup
BOH/IBOH 2024 - All Web challenges writeup. Bunch of web stuff
Siber Siaga I-Hack 2024 Semi-Final Attack Defense CTF Write-up
A&D CTF in Malaysia. Solutions and methods of persistence.
Siber Siaga I-Hack 2024 Qualifier Write-up
All web solutions except for Pinger. LIttle bit of RE, DFIR and Malware.