Articles
4
Tags
0
Categories
5
Home
Archives
About Me
Certificate
Music
KaitoVu
How I Found Two Critical RCE In A Microsoft Repository
Back to Home
Home
Archives
About Me
Certificate
Music
How I Found Two Critical RCE In A Microsoft Repository
Created
2026-04-20
|
Updated
2026-05-11
|
Security Research
CVE
|
Post Views:
COMING SOON (waiting for CVE)
Author:
KaitoVu
Link:
https://kaitovu.site/2026/04/20/data-formulator/index/
Copyright Notice:
All articles on this blog are licensed under
CC BY-NC-SA 4.0
unless otherwise stated.
Previous
(English) THCON 2026 CTF — THCity Authentication Collapse — Write-up
In this CTF tournament, I successfully clear all web challenge with team Void_Walker This is my write up for chall THCity: Authentication Collapse (Part 1 and 2)OverviewThe challenge runs two Docker services behind a single Apache HTTP server on port 8888: flag_app (PHP + Apache): serves a public site and a Basic-Auth-protected /secret/ page whose PHP reads a flag from Redis. express_sso (Node.js/Express): an internal SSO service on port 3000, only reachable from flag_app. Apache’s a...
Next
(English) My Study on Prototype Pollution
Overview of Prototype Pollution Prototype pollution vulnerabilities typically arise when user input is used to set properties ofexisting objects.This vuln is kind of long theory so I will not discuss in this blog. You can learn more about this vulnerable here But after complete that learning-path, I start do some CTF challenge and writeup it here. pr0t0typ3 p011ut10n OverviewThe Exploit chain for this challenge have two step: Bypass login as admin through a type-confusion / query-form...
KaitoVu
Every System has its Vulnerabilities
Articles
4
Tags
0
Categories
5
Follow Me
Announcement
Recent Posts
(English) THCON 2026 CTF — THCity Authentication Collapse — Write-up
2026-05-10
How I Found Two Critical RCE In A Microsoft Repository
2026-04-20
(English) My Study on Prototype Pollution
2026-03-28
(VietNamese) UTECTF 2026 Writeup
2025-07-09
