ret2life

corCTF 2021 - outfoxed

12 hours before the CTF ended, my friend hit me up telling me about the firefox pwn challenge in corCTF. I have never done Firefox/Spidermonkey pwn before, so this has been an awesome learning opportunity for me. Because I started the challenge when not much time was left, this write-up may not fully and correctly convey all technical details. Please keep that in mind and hit me up if you find anything incorrect, I would be happy to learn and update my post!

2021-08-23 11:47:00 +08002021-08-23T11:47:00+08:00 12

Google CTF 2021 - Fullchain

This year, I played Google CTF under team vh++. Although we did not solve this challenge during the CTF, we have finished it afterwards. This write-up explains the process of studying and writing exploit for chromium browser in the challenge Fullchain of Google CTF 2021. Since I have never tried a chrome sandbox escape or partition alloc exploit, this is a fantastic opportunity to learn both. Let’s go!

2021-07-20 23:15:00 +08002021-07-20T23:15:00+08:00 25

AceBear CTF 19

I had a lot of fun and a hard time during this CTF, but the challenges are really awesome. I spent the whole time solving one challenge: Incident Response (Misc 1000). In my opinion, this challenge closely resembles a real-life scenario and I’m glad that I’ve learned a lot out of it. So here goes the write up for it!

2019-04-09 06:46:23 +08002019-04-09T06:46:23+08:00 10

Insomnihack Teaser CTF 2019

This is my exploit for the Onewrite challenge from Insomnihack Teaser CTF 2019.

2019-01-21 08:21:38 +08002019-01-21T08:21:38+08:00 7

TetCTF 19

This is my write-up for TetCTF 19

2019-01-01 14:34:45 +08002019-01-01T14:34:45+08:00 21

35C3 CTF

This is my first time participating in C3 CTF. Although I wasn’t able to solve many challenges within the time of the CTF, I still find the challenges really awesome and exciting. I wanted to solve pwnable challenges with the hope to learn more about exploit development of real applications, but ended up solving 2 RE ones. Here is my writeup for them :)

2018-12-30 11:01:14 +08002018-12-30T11:01:14+08:00 11

H1-702 CTF 2018

It’s this time of the year again and I have the chance to play the CTF held by Hackerone. It has a lot of mobile hacking challenge, and at the same time, I wanted to dive into this. What a good time to learn!

2018-06-29 20:48:43 +08002018-06-29T20:48:43+08:00 22

GRIMM HAX Combined Challenge

This is the write-up for challenges I have done GRIMM HAX challenge.

2018-05-23 03:08:38 +08002018-05-23T03:08:38+08:00 24

2017 SANS Holiday Hacking Challenge

This year, I’ve had the chance to participate in SANS Holiday Hacking Challenge. The first time I did it was last year. I didn’t think it was interesting with real pentesting stuffs until I read the writeups, so I decided to start early this year.

2017-12-16 22:42:59 +08002017-12-16T22:42:59+08:00 27

UB Lockdown V3

The weekend before Thanksgiving, I had the chance to play at Lockdown v3, an incident response competition held at University of Buffalo by UBNetDef.

2017-12-05 12:15:24 +08002017-12-05T12:15:24+08:00 4
Recent Update