We speedran BlockCTF 2024 and placed 1st. Here are the writeups for all of our solves.
Exploiting a format string vulnerability and arbitrary file upload in a Python typing game to achieve remote code execution.
Exploiting a use-after-free vulnerability in Rust std::iter::RepeatN with Rc to achieve arbitrary read/write and RCE through libc cancellation handlers.
LakeCTF 2024 Quals: a heap overflow exploit in a C++ calculator program and a multi-stage web proxy bypass leveraging URL parsing quirks.