Hi everyone! This post is on BKSEC 2022 CTF which was held in early April this year. I only attempted the pwn category as I was feeling lazy to try out the others. The pwn challenges tested on arbitrary write via array out of bound (OOB), stack alignment on x64 programs, and bypassing integer inputs […]
Hi everyone! This post is on picoCTF 2022 write-up for binary exploitation that was held from 16th March 2022 to 30th Mar 2022. In this CTF, there are buffer overflow, on stack shellcode execution, format string attack, function overwrite, C programming array out of bound (OOB) arbilitary write, stack cache, and vulnerable string check. Let’s […]
Hi everyone! Today’s post is on Little Tommy, a medium challenge on HackTheBox which was created on 27th September 2017. However, this challenge is actually quite easy and straightforward. The only difficult part is to identify the vulnerability which is Use-after-Free (UaF). Once you know it, obtaining the flag is very straightforward. Let’s get started! […]
Hi everyone! Today’s writeup is on Racecar, a very easy pwn (binary exploitation) challenge on HackTheBox. This challenge is on format string attack. Let’s get started! Files Given file: racecar (ELF file) Scripts/database made by me: leakflag.py IDA database Tools required Linux Netcat Ghidra IDA (Freeware/Education/Pro) Python3 Pwntools Outlook There are many paths to choose […]
Dear readers, Today’s reading is on HackyBird, a game-based Reverse Engineering challenge. It was created on 19th December 2020. Let’s get started! Files given HackyBird.exe (32-bits) You may also download the IDA database where I renamed some of the functions during reverse engineering here. Tools required Cheat Engine IDA Pro (or any other WIndows supported […]
Dear readers, Recently, I took the CEH (international) theory examination and passed it on my first try. Therefore, I decided to write my reviews on it and hopefully will be helpful for those who intent to take it. The CEH that I recently took is the CEH version 11. Version 11 is pretty new as […]
Today’s topic will be regarding IDA IDC scripting. Previously I have written a post on IDA Python scripting. You can find that post here. However, since IDA Python script is only available for IDA Pro, those of you who only owns IDA Freeware can only use IDC for scripting in IDA. To download IDA Freeware, […]
Today’s post is about some notes that I write down regarding IDA Python Scripting which I hope it benefits others and also a place for me to refer to in the future. I would like to apologize if there are any mistakes as I am still learning. Do comment on any errors I made and […]
Lamecarrot 