HackTheBox Cyber Apocalypse CTF 2022 – Intergalactic Chase (pwn) write-up

Hi everyone! This article is on HackTheBox’s Cyber Apocalypse CTF 2022 on pwn only. The event lasted from 14/5/2022 – 19/5/2022. Let’s get started! 1. Challenges Space Pirate: Entrypoint Format string attack on x64 ELF file to overwrite a stack variable’s value. Space pirate: Going Deeper Understanding on strncmp() terminating condition. Fleet Management Shellcoding with […]

San Diego CTF 3 (2022) Write-up (pwn)

Hi everyone! San Diego CTF 3 was held from 7/5/2022 to 8/5/2022. This post will be on the two pwn challenges I have solved for my team. Let’s get started! 1. Challenges Horoscope ret2win x64 ELF buffer overflow (BoF) challenge Secure Horoscope Return-oriented programming (ROP) ret2libc x64 ELF challenge with limited space. Hence creativity is […]

ImaginaryCTF April 2022 Write-up (Pwn)

Hi everyone! This article is on ImaginaryCTF which is held every month. In this month’s pwn challenges, there is buffer overflow to overwrite local variable, format string attack (stack-based and heap-based) to overwrite a global variable, and ROP ret2libc using two GOT functions to leak libc used and bypass libc ASLR. All these challenges are […]

NahamCon CTF 2022 Write-up (pwn)

Hi everyone! NahamCon CTF 2022 was held from 29/4-30/4. Before we begin, make sure you have pwntools and Python installed. Let’s get started! 1. Challenges Babysteps Buffer overflow with on stack execution on a 32-bits C-based ELF progam to obtain a shell. CALL EAX is used to jump to the start of the shellcode due […]

Use DockerFile for debugging with Pwntools

Hi everyone! This article will be on setting up DockerFile for debugging with Pwntools. This may be useful for you during CTF challenges. In the example below, I will be using an example from DCTF 2022 Codechainz. The “app” binary I am using can be downloaded from here. Let’s get started! Setup image from DockerFile […]

DCTF 2022 – Codechainz Write-up

Hi everyone! This post is on DCTF 2022’s Codechainz which is a fairly easy pwn challenge. This challenge has a buffer overflow (BoF) vulnerability and requires us to jump to a space created by mmap() which is executable. However, there is a shellcode size limit due to the space available. Let’s get started! Files provided […]

BKSEC 2022 CTF Write-up (Pwn)

Hi everyone! This post is on BKSEC 2022 CTF which was held in early April this year. I only attempted the pwn category as I was feeling lazy to try out the others. The pwn challenges tested on arbitrary write via array out of bound (OOB), stack alignment on x64 programs, and bypassing integer inputs […]

HackTheBox – Bad grades Write-up

Hi everyone! Today’s post is on Bad grades, a HackTheBox easy Pwn challenge. I wouldn’t say it’s completely easy which the number of people who managed to solve it and the rating people gives shows it as well. This challenge is a Return-oriented Programming (ROP) challenge based on double input in scanf(“&lf”). Read on if […]

HackTheBox – Restaurant Write-up

Dear readers, Today’s post is on the Restaurant challenge which is a pwn challenge which is also known as a binary exploitation challenge. The challenge was created on 27th February 2021. This challenge focuses on crafting ROP exploit so read on if you are interested. Let’s dive right into the write-up. Files provided There are […]