In Auguest, I and bruno made a XSS challenge on Intigriti. When we decided to make it, we hope it’s a difficult and fun challenge, and the players can also learn a lot from it.
Here is the writeup for this challenge.
corCTF 2022 writeup - modernblog
At first, I had no intention of writing a post about this challenge because the author already had a greate one: corCTF 2022 Challenge Writeups. But, it’s my first time being the only solver for a challenge, it’s still worth writing one.
In this post, I will talk about how I tackled the challenge in the first place and how I solved it in the end.
UIUCTF 2022 Notes
I didn’t participate in this CTF, but I found two interesting problems related to content type and I want to write down the solutions.
Insecure Deserialization in JavaScript: GoogleCTF 2022 Web/HORKOS Writeup
We all heard about insecure deserialization vulnerability and saw many real-world cases in Java, PHP, and other languages.
But, we rarely hear about this vulnerability in JavaScript. I think it’s because the built-in serialization/deserialization function JSON.parse and JSON.stringify are only for basic data structures like string, number, array and object.
Class and function are not supported, so there is no way to run malicious code during deserialization.
What if we implement our deserialization logic and support class and function? What could possibly go wrong?
GoogleCTF 2022 has a web challenge called “HORKOS,” which shows us the way.
GoogleCTF 2022 Notes
This is my first time participating in GoogleCTF. I solved a web problem (HORKOS) and almost solved another one (POSTVIEWER). Here are the solutions for each web problem, sorted by the number of solves.
The keywords are as follows:
- log4j
- ReDoS
- hop by hop
- JavaScript magic function(?)
- async/await and Promise
- race condition
justCTF 2022 Notes
This holiday, there was justCTF and WeCTF, which was all web. I originally wanted to participate in both, so if I got stuck on one, I could switch to the other. However, I got stuck on both XD
This time, justCTF had many good web challenges. As usual, I will write some notes and record some keywords:
- zip/tar symlink
- Velocity SSTI
- Golang path
- git principle
- scp principle
- xsleak, STTF +
:targetselector
The order below is sorted by the number of solves, with more solves at the top.
justCTF 2022 - Baby XSLeak Write-up
Last weekend, I played justCTF 2022 with my team Water Paddler, and we got 7th place!
It’s the write-up about one of the XSleak challenges, an easier one. If you want to see the hard one, you can refer to this awesome writeup: New technique of stealing data using CSS and Scroll-to-text Fragment feature.
DEF CON CTF 2022 Qualifier Notes
This year’s DEF CON CTF qualifier is similar to last year’s, with mostly binary-related problems, and this year requires a lot of reverse knowledge. As someone who basically doesn’t know how to reverse, I can only sit on the sidelines and cheer on my teammates.
However, the only web problem this year (called Discoteq) was quite interesting. The difficulty was not high, but it tested debugging skills, observation skills, and the ability to quickly learn something new. I think it tested basic skills rather than knowledge of a particular language or framework, which was great.
Since this was the only problem that was easy to solve this year, I decided to write about it in a different way. I will write about my thought process for solving the problem based on the timeline. The time stamp indicates how long it took from the release of the problem.
An Introduction to the Tailwind CSS and Atomic CSS
Recently, there has been a series of discussions about Tailwind CSS on the Front-End Developers Taiwan Facebook group. The reason for this is another post that has been deleted. I have seen that post, but I won’t talk about what it was about because it’s not the focus of this article.
Anyway, that post sparked a lively discussion among front-end communities on Facebook, and many articles related to technology were quickly added within two or three days.
And many people are actually discussing the concept of Atomic CSS more than the tool Tailwind CSS.
m0leCon CTF 2022 Notes
I originally planned to write a more detailed post, but I realized that it might take a long time to publish. So I decided to write a brief version first.
I solved the following four web challenges:
- Fancy Notes
- Dumb Forum
- LESN
- ptMD
Here are some keywords that might be helpful for future reference:
- Length extension attack
- SSTI
- Mutation XSS
<svg><style> <meta name="referrer" content="unsafe-url" /><meta http-equiv="refresh" content="3;url">- Puppeteer’s click behavior is to capture the element position and then click the coordinates.