Home

Posts

PWNSECCTF 2024 - Jinja Mastery

A writeup for the Jinja Mastery challenge from PWNSECCTF 2024

November 16, 2024 · 4 min · r4bbithole blog

PWNSECCTF 2024 - Taco Shop

A writeup for the Taco Shop challenge from PWNSECCTF 2024

November 16, 2024 · 4 min · r4bbithole blog

TL-WR741 - Part I: Command injection vulnerability

An outline of a smaller vulnerability research project leading to the discovery of a command injection vulnerability in an older TP-Link router

August 5, 2023 · 11 min · r4bbithole blog

HTB Weather App - Perfect weather to surf

An easy WEB challenge from HackTheBox. A Unicode encoding fault in NodeJS leads to an SQLi via SSRF

June 2, 2022 · 7 min · r4bbithole blog

HTB Restaurant - ROP It Till You Make It

Restaurant is an easy PWN challenge on HackTheBox about exploiting ROP simple buffer to do ROP

May 27, 2022 · 8 min · r4bbithole blog

HTB Forge

Forge is a medium machine on HackTheBox mainly revolving around SSRF and LFI

January 3, 2022 · 11 min · r4bbithole blog