arxenix's blog
  • Blog Home
  • Personal Site
Subscribe
Ankur Sundara

Ankur Sundara

7 posts published

research

Detecting uBlock origin via a timing side-channel

chrome extensions are bad, use firefox

  • Ankur Sundara
Ankur Sundara Jun 23, 2021 • 1 min read
web

PlaidCTF 2021 - wowza - web (350pt)

race condition + prototype pollution + SSRF via fetch() redirect

  • Ankur Sundara
Ankur Sundara Apr 26, 2021 • 4 min read
writeups

DragonCTF 2020 - Scratchpad (web)

Error-Based XS Leak

  • Ankur Sundara
Ankur Sundara Dec 7, 2020 • 3 min read
research

Showcasing the Importance of Secure Defaults with a PyYAML 0day

Bypassing PyYAML filtering and getting a CVE (2020-14343)

  • Ankur Sundara
Ankur Sundara Oct 13, 2020 • 6 min read
web

CSAW CTF Finals 2019 - easiest crackme - Web (100,300,300 pt)

Exploiting a chrome extension that allows you to debug binaries via RPC

  • Ankur Sundara
Ankur Sundara Nov 12, 2019 • 4 min read
writeups

PlaidCTF 2019 - can you guess me - misc (100pt)

Bypassing heavily filtered python code evaluation

  • Ankur Sundara
Ankur Sundara Apr 16, 2019 • 2 min read
web

Pwning PHP CTF Challenges

Short list and collection of links to learn about vulns used in PHP CTF Challenges

  • Ankur Sundara
Ankur Sundara Dec 31, 2018 • 2 min read
arxenix's blog © 2023
Powered by Ghost