Last weekend I attended FlagWars 2026, an in-person CTF organized by Laokoon, IBM and CGI. It has been some time since my last Jeopardy CTF, so getting back into it was a great time. Beyond the competition itself, you always meet a ton of cool new (and familiar!) people at these events.

To recap one of the challenges, I wrote up my full solve for "Lightsaber Constructor", a pwn challenge where a Use-After-Free bug let me chain tcache poisoning and a GOT overwrite for a shell. Check it out and let me know what you think!

#pwn #ctf #flagwars #ExploitDevelopment

https://s3mme.com/posts/flagwars-2026-lightsaber-constructor/