-
Quick Heal Self Protection Bypass Vulnerability
A high-severity privilege escalation vulnerability I discovered in Quick Heal antivirus kernel drivers (ggc.sys and catflt.sys). By exploiting circular authentication and insecure communication ports, I demonstrated how a non-privileged user can completely bypass self-protection to read, write, or delete any system file, including local credential hives.
-
CVE-2022-34713 PoC
A path traversal vulnerability has been reported in Microsoft Windows Support Diagnostic Tool (msdt.exe) prior to KB5016616. The vulnerability occurs within SdpCopyDirectory in sdiaeng.dll when processing user controlled filenames. The network-based attack vector involves crafting a malicious diagcab file. A remote anonymous attacker can exploit this vulnerability to achieve code...
-
Ancient House - InCTF Internationals 2021
Jemalloc heap challenge. A buggy implementation of strncat in merge allows an overwrite into the next region.
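Added illustration, not code from the writeup or the challenge binary: the merge bug above, assuming the common shape where the merge routine hands a strncat-style copy the region size as its bound. That bound caps the bytes appended, not the destination's total length, so once the region already holds data the copy runs into the neighbouring region. The two adjacent regions, the sentinel and the payload are all constructed here; `append_n`, `merge_buggy`, `merge_fixed` and `demo` are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REGION 16  /* byte size of each adjacent heap region in the toy arena (assumption) */

/* Length of s, stopping at max so an unterminated region cannot be read past. */
static size_t bounded_len(const char *s, size_t max) {
    size_t i = 0;
    while (i < max && s[i] != '\0') i++;
    return i;
}

/* Local reimplementation of strncat semantics: append up to n bytes of src,
 * then a NUL. Kept local so the demo does not depend on libc fortification. */
static char *append_n(char *dst, const char *src, size_t n) {
    size_t used = strlen(dst);
    size_t i;
    for (i = 0; i < n && src[i] != '\0'; i++)
        dst[used + i] = src[i];
    dst[used + i] = '\0';
    return dst;
}

/* Buggy merge: passes the region size as the bound. The bound limits bytes
 * appended, not the destination's total length, so with data already in dst
 * the copy runs past the region end into whatever is allocated next. */
static void merge_buggy(char *dst, const char *src) {
    append_n(dst, src, REGION);
}

/* Fixed merge: bound by the remaining capacity (one byte reserved for the
 * terminator) and refuse input that does not fit rather than truncating silently. */
static int merge_fixed(char *dst, const char *src) {
    size_t used = bounded_len(dst, REGION);
    if (used >= REGION) return -1;          /* dst is already unterminated */
    size_t room = REGION - used - 1;
    if (strlen(src) > room) return -1;
    append_n(dst, src, room);
    return 0;
}

/* Lays out two adjacent regions a|b inside one allocation (imitating
 * neighbouring same-size-class chunks), merges a constructed payload into a,
 * and reports whether b's sentinel was overwritten. Returns 1 if corrupted,
 * 0 if intact, -1 on allocation failure. */
int demo(int use_fixed) {
    char *arena = calloc(2, REGION);
    if (!arena) return -1;
    char *a = arena, *b = arena + REGION;
    strcpy(a, "hello, ");                  /* 7 bytes already in region a */
    strcpy(b, "NEXTREGION");               /* sentinel in the neighbouring region */
    const char *payload = "AAAAAAAAAAAA";  /* 12 bytes: 7 + 12 + NUL = 20 > 16 */
    if (use_fixed)
        merge_fixed(a, payload);
    else
        merge_buggy(a, payload);
    int corrupted = strcmp(b, "NEXTREGION") != 0;
    free(arena);
    return corrupted;
}

int main(void) {
    printf("buggy merge corrupts next region: %d\n", demo(0));
    printf("fixed merge corrupts next region: %d\n", demo(1));
    return 0;
}
```

With the buggy merge the first four bytes of region b become `AAA\0`, which is exactly the primitive a heap challenge turns into control of a neighbouring object's header or pointers; the fixed merge rejects the oversized input and leaves b untouched.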
-
Favourite Architecture-1 - StarCTF 2021
Abusing a stack overflow in a RISC-V binary and returning into shellcode.