sh1yo’s blog

[Real World CTF 2023] The cult of 8 bit

"Valentina is trapped in the 8-bit cult, will you be able to find the secret and free her?". An unintended solution using the Same Origin Method Execution and xsleaks
Read more ⟶

[ASIS CTF 2022] Firewalled

"I made a firewalled curl". The task was about an old http feature – line folding of headers. In the end, it was solved by 15 teams.
Read more ⟶

[CTFZone 2022] ProxyHell

We can't change our old infrastructure, so we're using 4 proxies to access the flag. What could possibly go wrong?
Read more ⟶