Writeup for a series of challenges I wrote for CyCTF 2023 simulating a vulnerability research scenario on a router. The challenge provides a firmware dump with the need to extract the filesystem and analyze two services included.

Writeup for a misc challenge I wrote for CyCTF 2023. The challenge is a python script that allows command execution but redirects stdin, stdout and stderr to /dev/null.

The journey of finding two post-authentication vulnerabilities (CVE-2022-48615, CVE-2022-48616) in Huawei NetEngine AR617VW and chaining them to achieve RCE as root.

This advisory shows the results of a vulnerability research which was conducted on PayDroid_7.1.1_Virgo_V04.5.02_20220722 running on the A930 terminal. As a result of this research 3 vulnerabilities were identified (CVE-2023-27197, CVE-2023-27198, CVE-2023-27199).

Writeup for a pwn challenge from BackdoorCTF 2022. The challenge performs CRUD operations on chucks managed by a custom allocator.

This advisory shows the results of a vulnerability research which was conducted on PayDroid_7.1.1_Virgo_V04.3.26T1_20210419 running on the A930 terminal. As a result of this research 4 vulnerabilities were identified (CVE-2022-26579, CVE-2022-26580, CVE-2022-26581, CVE-2022-26582).