Writeups

Solving a CTF task by ASCII-only JAR webshell

This writeup from Real World CTF 2022 by LiveOverflow’s team is absolutely mental. He shows the whole process of what solving a properly hard CTF task looks like, including problems and unsuccessful ideas. The exploit ends in creating an ASCII-only .jar file...

OAuth + ../ + postMessage bug = account takeover

OAuth account takeovers via open redirects have become less common these days - most implementations force developers to specify strict lists of allowed domains, so it’s not possible to fiddle with them. However, sometimes you can chain it with another...