Hi everyone! This article is on ImaginaryCTF which is held every month. In this month’s pwn challenges, there is buffer overflow to overwrite local variable, format string attack (stack-based and heap-based) to overwrite a global variable, and ROP ret2libc using two GOT functions to leak libc used and bypass libc ASLR. All these challenges are […]
Hi everyone! Today’s post is on Little Tommy, a medium challenge on HackTheBox which was created on 27th September 2017. However, this challenge is actually quite easy and straightforward. The only difficult part is to identify the vulnerability which is Use-after-Free (UaF). Once you know it, obtaining the flag is very straightforward. Let’s get started! […]
Dear readers, Today I want to talk about GOT attack using Double Free. I was reading on GOT attack and stumbled across a lecture slide by Indiana University Bloomington. The link to the lecture slide can be found here. The exploit on GOT using Double Free vulnerability is pretty interesting however there are a lot […]
Lamecarrot 