<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Vtable Hijack on CyberSecurity Elite</title><link>https://cybersecurityelite.com/tags/vtable-hijack/</link><description>Recent content in Vtable Hijack on CyberSecurity Elite</description><image><title>CyberSecurity Elite</title><url>https://cybersecurityelite.com/images/og-default.png</url><link>https://cybersecurityelite.com/images/og-default.png</link></image><generator>Hugo</generator><language>en-us</language><lastBuildDate>Wed, 15 Jul 2026 14:52:15 +0200</lastBuildDate><atom:link href="https://cybersecurityelite.com/tags/vtable-hijack/index.xml" rel="self" type="application/rss+xml"/><item><title>Junior.Crypt 2026 Pwn + Reverse Writeup: 4 Challenges Solved (Cookie-Encoded Function Pointers, UAF Type Confusion, Heap Overflow with Reclassify, TCC-Injected VM)</title><link>https://cybersecurityelite.com/ctf-writeups/junior-crypt-2026-pwn-reverse-writeup/</link><pubDate>Wed, 15 Jul 2026 12:15:00 +0000</pubDate><guid>https://cybersecurityelite.com/ctf-writeups/junior-crypt-2026-pwn-reverse-writeup/</guid><description>Step-by-step Junior.Crypt 2026 pwn and reverse writeup — three pwn challenges (Clockwork Vault: negative-index array bug + service-cookie-encoded function pointers; House of Mirage: session-to-sink UAF type confusion with pipelined race + fake vtable; Museum of Echoes: reclassify without realloc + heap overflow into adjacent exhibit&amp;#39;s routine ptr) and one reverse challenge (Write The Кодэ: modified TCC compiler smuggles a hidden C source with a 512-byte VM blob decrypted by an ELF-relocation-derived key).</description></item></channel></rss>