A collection of notes

A Journey From `sudo` iptables To Local Privilege Escalation


You've landed on a network appliance and you need those fancy privileges? Don't worry, I've got your back!
Read more ⟶

AlcaWASM Challenge Writeup - Pwning an In-Browser Lua Interpreter


Gamedevs of the world, unite! Your favourite language is in danger -- the l33t wrongdoers have figured out how to BYOB (Bring Your Own Bytecode) and pwn the Lua v5.4 interpreter!
Read more ⟶

Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers


Wild trips with intent redirections to compromise an end-to-end encrypted messaging chat.
Read more ⟶

Hunting for (Un?)authenticated n-days in Asus Routers


Firmware analysis, reverse engineering and binary exploitation shenanigans on Asus routers.
Read more ⟶