KOREONE

Midnight Flag CTF 2026 – Canvas of Fear Challenge Writeup

"Canvas of Fear" is a multi-layered exploitation challenge that combines Stored Cross-Site Scripting (XSS), heap-based buffer overflow via integer overflow, and Return-Oriented Programming (ROP) into a single attack chain. The challenge presents a web application backed by a native C binary (canvas_manager) that manages pixel canvases in memory. The attack surface spans three distinct components: A Flask web…

https://kore.one/midnight-flag-ctf-2026-canvas-of-fear-challenge-writeup/?utm_source=mastodon&utm_medium=jetpack_social

Midnight Flag CTF 2026 – Canvas of Fear Challenge Writeup » kore.one

"Canvas of Fear" is a multi-layered exploitation challenge that combines Stored Cross-Site Scripting (XSS), heap-based buffer overflow via integer overflow, and Return-Oriented Programming (ROP) into a single attack chain. The challenge presents a web application backed by a native C binary (canvas_manager) that manages pixel canvases in memory. The attack surface spans three distinct components:

kore.one
Mar 19 at 8:00amJetpack