Leaking Jupyter instance auth token chaining CVE-2023-39968, CVE-2024-22421 and a chromium bug
After getting an invitation to Jupyter’s private (then public, and now no longer active) program on Intigriti, I decided to dig into its codebase. After spending a few hours, I found a client-side path traversal issue; chaining it with an open redirect and a Chromium issue, I was able to leak JupyterLab’s authentication and CSRF tokens.
Express notes - "OFFZONE" express file upload challenge
The next challenge we did with Varik Matevosyan at the OFFZONE Moscow CTF was an Express.js file upload application - Express Notes.
Delicious and Point - "OFFZONE" prototype pollution challenge
The OFFZONE Moscow team made a great challenge on prototype pollution, and my friend Varik Matevosyan and I had a fun time finding gadgets for it.
BabyPython - "1 CAT COMPANY CTF" crypto and deserialization challenge
At the 1 CAT COMPANY CTF we didn’t manage to finalize our solution for the BabyPython challenge, created by Vahe Karapetyan, but one of our team members, Varik Matevosyan, solved it anyway after the time was up.
OrangeSite - "1 CAT COMPANY CTF" spring xxe challenge
On November 27, Cyhub Armenia organized a very fun local CTF event, 1 CAT COMPANY CTF, and Hayk Andriasyan created an XXE challenge for it.





