Stig's Lab Notes
  • UAF and House Of Force Fun - ROMHack CTF Swordmaster Pwn Challenge

    A format string leak, a UAF heap leak, and a House of Force attack to pop a shell in the ROMHack CTF Swordmaster pwn challenge.

    September 25, 2022 - 14 minute read -
    Pwn CTF Heap
  • JWT Confusion and SSTI - CyberSanta CTF Naughty or Nice Web Challenge

    Exploiting a JWT verification flaw and an SSTI vulnerability to get RCE in the CyberSanta CTF Naughty or Nice web challenge.

    December 9, 2021 - 8 minute read -
    Web CTF SSTI JWT

© 2026 Stig's Lab Notes. Built with Chalk.