Writeups

All the writeups we've published.

• USCG Open Season 5: Scratchpad - SQL Injection + Git Command Injection

  Published: 19 Jun, 2025 |  at  03:00 PM

  Exploiting boolean SQL injection to leak admin directory path, then using Git command injection to read flag from previous commits.