Blog
Search
Featured posts

Intigriti June RCE Challenge (0625)
A surprising RCE challenge instead of XSS, created by @ToG. I took an unintended approach involving the Preferences file and a chromedriver CSRF RCE issue, a must-know for CTF authors.

OBS WebSocket to RCE
Disabling password authentication of your OBS WebSocket server can have devastating consequences. We'll attack from the browser to construct an RCE payload on Windows formed from the pixels of an image, a polyglot.

The Ultimate Double-Clickjacking PoC
Combing a lot of browser tricks to create a realistic Proof of Concept for the Double-Clickjacking attack. Moving a real popunder with your mouse cursor and triggering it right as you're trying to beat your Flappy Bird high score.

MCP: May Cause Pwnage - Backdoors in Disguise
Together with @AtomicByte, we found some vulnerabilities in the MCP protocol, debugging tools, and scanned for internet-exposed servers. This resulted in a ton of results ranging from headless browsers, databases or code evaluators.