Category Archives: security

bypassing csrf protection through xss

In this article I want to talk about how to bypass protection against CSRF. This protection method is simple as FIG knows that: the server generates a token, it is put on the page with forms, when the user fills … Continue reading

Posted in security | Tagged , , | Leave a comment

notes on bookwriter (pwnable.tw)

Preface that is completely unimportant: Since the completion of interpreter and shelling folder, i have been self-confident and started to look around for questions. As a result, the banker who solved defcon 2016 qual was immediately hit, and the reverse … Continue reading

Posted in security | Tagged , , | Leave a comment

notes on death note (pwnable.tw)

This question seems to be longer than the last apple store from the first time I saw the title… The impression seems to be the weekend exercise. Then I would not write shellcode at the time. I gave up until … Continue reading

Posted in security | Tagged , , | Leave a comment