We successfully exploited a Unicode vulnerability in the scavengepad service during the ENOWARS game and found one more unverified-user-input vuln afterwards. Saarsec found and exploited a different vuln, based on the non-thread-safety of the random number generator in the System.Random class.

Original writeup (https://w0y.at/writeup/2019/11/30/enowars-3-scavengepad.html).