W3ndige Student Just a student with passion for security. Interested in operating systems, reverse engineering and how things work at low level.

Midnightsun CTF 2019 - Marcozuckerbergo

After last challenge we’ll move onto the one that is a continuation of the previous Marcodowno challenge. Once again we have to find a XSS vulnerability in a website that triggers without any user interaction, but this time the vulnerable code has changed.

Midnightsun CTF 2019 - Marcodowno

This challenge I decided to go for a cool challenge, marcodowno, in which we had to find XSS vulnerability that pops alert(1) without the user interaction. After successfuly doing it in our client, we had to paste the working solution in the form of URL into a service that would check it, and upon correct exploitation, grant us a flag.

VolgaCTF Qualifiers 2019 - warm

Another week and another write up, this time from VolgaCTF Qualifiers we have a pwn challenge called warm rated at 100pts. Quite an annoying challenge with big troll at the last part of exploitation. Big kudos to Yodak for firstly reverse engineering the binary.

Securinets Prequals 2019 - Baby One

A little bit late but here’s my write up for Securinets Prequals 2019 challenge called Baby One. Really cool task with simple stack buffer overflow, but requires some ‘universal’ exploitation knowledge. Let’s take a look at it.

Securinets Prequals 2019 - AutomateMe

Altough I’m not sure if that was part of intended solutions, I’ve decided to write up cool little challenge from Securinets Prequals, called AutomateMe. Let’s take a look at how some tools can speed up your process of reverse engineering.

© 2016 - 2019 Root Network Security. Made with