astronaut
Logbook
Web Security • Research • CTF
Menu
Filtered View

Tag: #rce

6 posts

Jun 30, 2026

Filtered Reality

Full-chain CTF writeup for a WordPress and Puppeteer bot challenge involving nonce leakage, DOM clobbering, CSP nonce recovery, RCE, and SHA-256 length extension.

#writeup #wordpress #xss #csp #rce
Sekaictf2026 web hard
Jan 03, 2026

Fancy

Status: Done

#writeup #rce #lfi #file-upload #deserialization
Sekaictf2025 web
Jan 03, 2026

hqlime

Status: Done

#writeup #ssrf #rce #command-injection
Sekaictf2025 web
Sep 12, 2025

Novacore

#writeup #xss #sqli #rce #csp
HTB web
Jul 04, 2023

corctf-challenge-dev

#writeup #xss #rce #lfi #csp
Corctf2024 web
Jul 04, 2023

untitled-smarty-challenge

#writeup #ssti #rce #file-upload #command-injection
web