ComplainIO Writeup
Leverage prototype pollution to bypass Sequelize and Carbone errors that arise from prototype pollution to finally exploit a Carbone 3.5.5 RCE vulnerability.
Leverage prototype pollution to bypass Sequelize and Carbone errors that arise from prototype pollution to finally exploit a Carbone 3.5.5 RCE vulnerability.
Use IDA to find the function responsible for displaying the flag and jump to it for an unintended solve.
Use GIMP to visualize raw memory data from a memory capture, reveal the passwords, one from an image editor and another from a text editor and combine them to get the flag.
Extract .img file to get files, find the "compressor" binary and the bash history, use pyinstxtractor and pycdas to get partial source code, and "decompress" (decrypt) the target file to retrieve t...
Cracked a ZIP wih John, analyze a malicious document macro that pulls an encrypting script from a gist, and decrypt AES-encrypted files to retrieve the flag.
Decrypt a custom image format using header data, decompress the image data, and reconstruct it to find the flag hidden within.
Recover a deleted file from a repository that uses Mercurial (hg) for version control, decrypt it using a given script, and obtain the flag.
A Simple JavaScript challenge that uses Deno and evals user input. Read current directory and then the flag which was generated with random characters.
Look at the EXIF data of the image to find the location and use Wikipedia to determine the location the license plate belongs to.
Leveraging AWS S3 bucket versioning to leak files. Challenge Description We’re tasked with accessing a website that has an AWS S3 bucket and use its object versioning feature to retrieve files ...