Hi everyone! This article is on ImaginaryCTF which is held every month. In this month’s pwn challenges, there is buffer overflow to overwrite local variable, format string attack (stack-based and heap-based) to overwrite a global variable, and ROP ret2libc using two GOT functions to leak libc used and bypass libc ASLR. All these challenges are […]
Dear readers, Today’s write-up is on Format, a Pwn challenge on HackTheBox. It was created on 5th September 2020. This is a format string vulnerability challenge that has all protection enabled. Thus, read on if you are interested. Files provided There is only one file provided which is a 64-bit ELF file: format Besides that, […]
Dear readers, Recently I was doing a HackTheBox challenge that involves ROP and did a write-up of it then realized I would like to pen down more detailed content of ROP such as symbols vs PLT vs GOT, stack alignment, etc. So here we go. ROP condition No canaries / stack cookies Stack executable or […]
Lamecarrot 