https://tomatobuster.github.io/WriteUps/ In-depth CTF writeups covering web, pwn, crypto, reversing and more. en-us https://tomatobuster.github.io/WriteUps/writeups/devarea.html Chaining XOP and Aoache CXF exploitation with HoverFly RCE and Bash binary overwriting to gain full system access. HackTheBox 2026, Web, Medium. Tue, 31 Mar 2026 00:00:00 GMT https://tomatobuster.github.io/WriteUps/writeups/devarea.html https://tomatobuster.github.io/WriteUps/writeups/kobold.html Exploiting an unauthenticated API and abusing a Docker socket to achieve container escape. HackTheBox 2026, MISC, Easy. Mon, 24 Mar 2026 00:00:00 GMT https://tomatobuster.github.io/WriteUps/writeups/kobold.html https://tomatobuster.github.io/WriteUps/writeups/silentium.html Flowise AI api exploitation, Docker Escape and Gogs CVE. HackTheBox 2026, MISC, Easy. Mon, 24 Mar 2026 00:00:00 GMT https://tomatobuster.github.io/WriteUps/writeups/silentium.html