Blog | ZeroClick

2025

How I found a RCE bug in RsaCtfTool to use it in a CTF

In this post I am going to explain a way to achieve RCE in RsaCtfTool abusing pickles.

H HugoBond
March 10, 2025
7 min read

misc
bug

2024

Oracle VM VirtualBox 7.0.10 r158379 Escape

Join me for an in-depth analysis of CVE-2023-22098

D DiegoAltF4
October 17, 2024
25 min read

Hypervisors
Vulnerability Research
Exploiting
VirtualBox
Intro to development using eBPF

This post aims to build a development docker container for eBPF and libbpf tooling

e esquilichi
May 27, 2024
11 min read

eBPF
Dev
TCC Overview and Internals

This post aims to explain the TCC basics and the new threat model it enables in red-ops to macOS

e esquilichi
May 27, 2024
7 min read

macOS
TCC
La Casa de Papel Writeup HackOn 2024 CTF

Writeup of the challenge "La Casa de Papel" at Hackon 2024 CTF. It consisted on abusing glibc malloc and FSOP to achieve RCE.

x xin0
April 17, 2024
14 min read

FSOP
Exploiting