Postviewer v3 writeup by @terjanq
As it always have been with my challenges for Google CTF, they are based on real bugs I found internally. This year is a bit different though. This time the bugs were crafted by no other than me myself. One bug didn't manage to reach the production and the other is still present in prod making it effectively a 0day!
Both of my challenges (Postviewer v3 & Game Arcade) for this year are related to a sandboxing I've been working since the first postviewer challenge. You can read a little bit about it in