San Diego CTF 3 (2022) Write-up (pwn)

Hi everyone! San Diego CTF 3 was held from 7/5/2022 to 8/5/2022. This post will be on the two pwn challenges I have solved for my team. Let’s get started! 1. Challenges Horoscope ret2win x64 ELF buffer overflow (BoF) challenge Secure Horoscope Return-oriented programming (ROP) ret2libc x64 ELF challenge with limited space. Hence creativity is […]

b01lers CTF 2022 Write-up (Pwn)

Hi everyone! This post is on b01lers CTF 2022’s pwn challenges which was held on 23/4 – 24/4. The pwn challenges are on using gets() and overflow to bypass strcmp() as well as string format attack to leak the flag located in heap memory. Let’s get started! 1. gambler_overflow Feeling luuuuuuuucky? You must create a flag.txt […]

BKSEC 2022 CTF Write-up (Pwn)

Hi everyone! This post is on BKSEC 2022 CTF which was held in early April this year. I only attempted the pwn category as I was feeling lazy to try out the others. The pwn challenges tested on arbitrary write via array out of bound (OOB), stack alignment on x64 programs, and bypassing integer inputs […]

picoCTF 2022 Write-up (Binary Exploitation)

Hi everyone! This post is on picoCTF 2022 write-up for binary exploitation that was held from 16th March 2022 to 30th Mar 2022. In this CTF, there are buffer overflow, on stack shellcode execution, format string attack, function overwrite, C programming array out of bound (OOB) arbilitary write, stack cache, and vulnerable string check. Let’s […]

HackTheBox – Format Write-up

Dear readers, Today’s write-up is on Format, a Pwn challenge on HackTheBox. It was created on 5th September 2020. This is a format string vulnerability challenge that has all protection enabled. Thus, read on if you are interested. Files provided There is only one file provided which is a 64-bit ELF file: format Besides that, […]

HackTheBox – Space Write-up

Dear readers, This post is on a HackTheBox Pwn challenge called Space. It was created on 30th May 2020. Let’s go straight into the write-up. Files provided There is only one 32-bit ELF file provided: Space Besides that, an IP address to the server hosting the file is also provided. Software required GDB (GNU/Linux debugger) […]

HackTheBox – Restaurant Write-up

Dear readers, Today’s post is on the Restaurant challenge which is a pwn challenge which is also known as a binary exploitation challenge. The challenge was created on 27th February 2021. This challenge focuses on crafting ROP exploit so read on if you are interested. Let’s dive right into the write-up. Files provided There are […]