14 POSTS · POST
DATE CAT TITLE TARGET CVSS
2023 · 1
24-12 POST Remedy Invitational Challenge Writeup Remedy — 2022 · 2
26-04 POST VestaCP Multiple Vulnerabilities VestaCP 7.8 12-02 POST impressCMS - unauthenticated code execution ImpressCMS 9.8 2021 · 7
05-12 POST HITCON CTF 2021 Metamon-Verse Writeup HitconCTF 2021 — 23-11 POST Moodle Blind SQL injection via MNet authentication Moodle 7.2 22-10 POST Moodle - Stored XSS and blind SSRF possible via feedback answer text Moodle 6.1 20-08 POST Vanilla - SSRF via media scrape API through dns rebinding Vanilla 9.8 09-08 POST Roxy-WI through 5.2.2.0 pre-auth RCE Roxy-wi 9.8 17-05 POST 3kCTF-2021 - ppaste writeup 3kCTF 2021 — 11-01 POST h1CTF - HackyHolidays walkthrough H1-CTF — 2020 · 4
31-12 POST iceCTF-2020 - krouter writeup iceCTF 2020 — 25-07 POST 3kCTF-2020 - Glitch writeup 3kCTF 2020 — 25-07 POST 3kCTF-2020 - reporter writeup 3kCTF 2020 — 25-07 POST 3kCTF-2020 - babym1ps writeup 3kCTF 2020 —
CONTACT
rekter0
PROFESSIONAL SLOPPER
Application security research. vulnerability disclosure, and the occasional pre-auth RCE chain.
28 CVE 7 EXPLOIT 14 POST