jackfromeast's blog





idekCTF 2022 Writeup

idek2022 CTF Writeup idek2022 has provided several challenges with good quality. The sprintf challenge is a "wired" format string challenge in which I have summarized 3 different impressive approaches. Check them out!

Read more
WriteupWeb Security

snykCTF 2022 Writeup

This is the writeup for the snykCTF 2022 which provided so many interesting web challenges. I take it as an opportunity to learn more about various web security topics which is why I spend time going through all the challenges again. I hope you find this writeup informative and enjoyable!

Read more
Web Security

Google XSS Game Exploit & Patch

Hi, here are six easy but interesting XSS games hosted by Google. This blog records the writeup, how to patch these vulns and CSP-based protection strategies. More importantly, I summarized the browser parsing process in terms of the timing of different decoding occurring.

Read more

MapleCTF 2022 Pwn Warmup1&2 Writeup

This blog is the writeup of the two pwn challenges, warmup1 and warmup2, which are provided in the recent Maple CTF 2022. Though they are just warmup, I think they are really interesting and kind of complex in terms of the second one, which are worth evaluation and summary.

Read more

Samsung Security Tech Forum 2022 Writeup


Read more

S.H.E.L.L. CTF 2022 Writeup

本次比赛以Th3ee参赛,最终在1092支参赛队伍取得92名的成绩。比赛的题目整体水平比较偏简单(Crypto, Forensic, Misc)。由于比赛没有PWN的题目,所以我本次比赛主要负责Forensics及其他类型的题目。值得一提的是,我们Th3ee的队标新鲜出炉,快点进来看看吧!

Read more