Written by shakuganzMay 4, 2022May 5, 2022

ImaginaryCTF April 2022 Write-up (Pwn)

Hi everyone! This article is on ImaginaryCTF which is held every month. In this month’s pwn challenges, there is buffer overflow to overwrite local variable, format string attack (stack-based and heap-based) to overwrite a global variable, and ROP ret2libc using two GOT functions to leak libc used and bypass libc ASLR. All these challenges are […]

Written by shakuganzApril 25, 2022April 25, 2022

b01lers CTF 2022 Write-up (Pwn)

Hi everyone! This post is on b01lers CTF 2022’s pwn challenges which was held on 23/4 – 24/4. The pwn challenges are on using gets() and overflow to bypass strcmp() as well as string format attack to leak the flag located in heap memory. Let’s get started! 1. gambler_overflow Feeling luuuuuuuucky? You must create a flag.txt […]

Written by shakuganzApril 18, 2022

DCTF 2022 – Codechainz Write-up

Hi everyone! This post is on DCTF 2022’s Codechainz which is a fairly easy pwn challenge. This challenge has a buffer overflow (BoF) vulnerability and requires us to jump to a space created by mmap() which is executable. However, there is a shellcode size limit due to the space available. Let’s get started! Files provided […]

Written by shakuganzSeptember 19, 2021October 17, 2021

TryHackMe – Buffer Overflow Prep cheatsheet

Hi everyone! This post is a compilation of John Hammond’s recent video on Buffer Overflow OSCP preparation from TryHackMe. You can see his video here: Anyway, I will be using the OVERFLOW4 prefix instead. So watch his video if you haven’t. The cheatsheet below will allow you to quickly copy & paste, make some changes […]

Written by shakuganzJune 8, 2021January 16, 2022

HackTheBox – You know 0xDiablos Write-up

Dear readers, Today’s post is on a Pwn challenge on HackTheBox. The challenge was released on 8th February 2020. It is a very easy 32-bit ROP challenge so let’s dive into it. Files provide There is only one file provided and the IP address of the server: vuln Vuln is a 32-bit Unix file hence […]

Written by shakuganzJune 7, 2021June 7, 2021

Return-oriented Programming (ROP) (GNU/Linux version)

Dear readers, Recently I was doing a HackTheBox challenge that involves ROP and did a write-up of it then realized I would like to pen down more detailed content of ROP such as symbols vs PLT vs GOT, stack alignment, etc. So here we go. ROP condition No canaries / stack cookies Stack executable or […]

Written by shakuganzJune 4, 2021January 16, 2022

HackTheBox – Restaurant Write-up

Dear readers, Today’s post is on the Restaurant challenge which is a pwn challenge which is also known as a binary exploitation challenge. The challenge was created on 27th February 2021. This challenge focuses on crafting ROP exploit so read on if you are interested. Let’s dive right into the write-up. Files provided There are […]

Lamecarrot

Photography, technology, travel.

Tag: buffer overflow