All Posts

  • Published on
    The money-printer-2 challenge is a really interesting format string challenge. It shows a cool fmt exploit technique that leverages chained pointer and brute forcing which I haven't seen before.
  • Published on
    This is the writeup for the umd ctf 2023 which was held by the University of Maryland. They provided a lot of interesting challenges in the Pokemon theme which I really enjoy :>.
  • Published on
    Here is my write-up for the dynamic-allocator-misuse(heap) module of the `pwn.college`. Due to the disclosure agreement, I won't post the full exploit but the PoC code to show the idea of the solutions. Glad to see they are adding more challenging levels at the end. Have fun.
  • Published on
    Lately, I have been working on customizing V8 which gives me a chance to learn more about V8. In this blog post, I will be sharing my experience of getting started with V8. The topics that will be covered include building V8 from the source, debugging V8, and comprehending V8's compilation pipeline.