tl;dr

• Passing corrupted ciphertext to get the symmetric key leak
• Fastbin link corruption
• Exploiting double free and UAF in the heap

tl;dr

• Use format String to get into secret service.
• Get libc leaks by overwriting mapped bit of a free chunk.
• Overwrite the Thread Local Block , thus overwriting canary to get buffer overflow.

tl;dr

• Extract keylogger script from the memory dump.
• Extract the master key from the packet capture.
• Reverse the script to get the flag.

tl;dr

• Extract key from the admin by STARTTLS downgrade on the message
• Deserialize using references to get next phase
• Deserialization to RCE to get flag

tl;dr

• Extract Invalid Login timestamp from the windows registry.
• Extract the timestamp of when a JPEG was opened.
• Extract Google Chrome’s last run time which was pinned to taskbar from windows registry.

tl;dr

• Extract process last run time from the windows registry.
• Extract process run count from the windows registry.

tl;dr

• Decrypt the encrypted GPG file found in Outlook Express with the private key stored on the device.
• Decrypt the firefox saved passwords and log in to the website that the terrorist used.

tl;dr

1. Find the co-relation between variables in the LFSR equation
   1. d == out (75%)
   2. a == b (75%)
   3. c^d == out (75%)
   4. (d!= out) => (c==1) always
2. Solve for the seed using 2000 output bits
3. Try out which among the four possible combinations decrypt the flag

tl;dr

• Accessing a variable in Handlebars template using this object

tl;dr

• Zip Slip Vulnerability + YAML Deserialization Attack + Race Condition
• Unintended Solution: Upload symlink leading to arbitarary file reads