Tag

#JavaScript

3 posts tagged JavaScript

Patchstack Aliance CTF S02E03 - WordCamp Europe

The endpoint /wp-json/ghostly/v1/login is a custom REST route in the WordPress backend. Here’s the kicker:Here’s the vulnerable PHP handler logic (as reverse-engineered from the behavior):This effecti...

June 8, 2025

CTF

Zero-Day XSS Found in Open Source JS Library for CTF Solution - UIUCTF 2023 - peanut-xss Writeup

This week, I participated in UIUCTF 2023 with the TCP1P team and successfully solved multiple challenges. One of the challenges I tackled was called "peanut-xss".In this challenge, our goal was to exp...

April 30, 2024

CTF

Exploiting the Latest Render Engine in Node (EJS) - SEETF 2023 - Express JavaScript Write-up

During SEETF 2023, I participated as a member of the TCP1P team and successfully solved several web challenges.In this article, I will provide a write-up for a specific challenge called "Express JavaS...

April 30, 2024

CTF