ImaginaryCTF April 2022 Write-up (Pwn)

Hi everyone! This article is on ImaginaryCTF which is held every month. In this month’s pwn challenges, there is buffer overflow to overwrite local variable, format string attack (stack-based and heap-based) to overwrite a global variable, and ROP ret2libc using two GOT functions to leak libc used and bypass libc ASLR. All these challenges are […]

HackTheBox – Little Tommy Write-up

Hi everyone! Today’s post is on Little Tommy, a medium challenge on HackTheBox which was created on 27th September 2017. However, this challenge is actually quite easy and straightforward. The only difficult part is to identify the vulnerability which is Use-after-Free (UaF). Once you know it, obtaining the flag is very straightforward. Let’s get started! […]