About
CTF Writeups
Index
ImaginaryCTF 2023
generic-rop-challenge
CakeCTF 2023
bofww
Memorial Cabbage
GlacierCTF 2023
Glacier Rating
PwC Hackaday 2023
Hack The Binary 1
Hack The Binary 2
PHP Code Review 1
PHP Code Review 2
Wargames.MY CTF 2023
Warmup
Status
Secret
bi0sCTF 2024
ezv8 revenge
osu!gaming CTF 2024
osu-v8
b01lers CTF 2024
mixtpeailbc
Notes
Active Directory
Kerberos Delegations
SMB Relay Attack
GOAD
Recon
ACL
ADCS
Delegations
Lateral Movement
Privilege Escalation
pwn
File Stream Oriented Programming (FSOP)
V8 Internals 101
rev
Flutter 101
Light
Rust
Coal
Navy
Ayu
Latte
Frappé
Macchiato
Mocha
d0ublew's Blog
Wargames.MY CTF 2023
web
Challenge Name
Keywords
Summary
Warmup
php, RCE, LFI
LFI to RCE via PHP PEARCMD
Status
php, k8s, nginx, off-by-slash
Retrieve nginx config file from k8s configmaps
Secret
k8s, HashiCorp Vault
Read secret from HashiCorp vault using the
vault
CLI and using
nginx
off-by-slash