GPN CTF 2026 — Leftover Leftovers: One-Byte JVM AOT Cache Patch
Platform GPN CTF 2026 (kitctf) Difficulty Medium-Hard OS Reverse — JVM AOT cache, Javalin, JEP 295 CDS archive Tags reading a JVM AOT cache's ConstMethodView blob, locating a per-method bytecode body inside a 51 MB CDS archive, identifying that the upload validator hashes class structure not bytecode bytes, patching one byte (iconst_0 → iconst_1) to flip a verifier's return, then chaining the original leftovers exploit on Stage 2 Leftover Leftovers is the GPN CTF 2026 follow-on to leftovers. The challenge bolts an upload-and-validate stage on the front: a Javalin server lets you POST /init a candidate cache.aot, runs verifyStuff on it, and if the hash matches the original it writes /tmp/cache.aot for the original leftovers Server to consume. ...