Hi everyone! This post is on BKSEC 2022 CTF which was held in early April this year. I only attempted the pwn category as I was feeling lazy to try out the others. The pwn challenges tested on arbitrary write via array out of bound (OOB), stack alignment on x64 programs, and bypassing integer inputs […]
Hi everyone! This post is on picoCTF 2022 write-up for binary exploitation that was held from 16th March 2022 to 30th Mar 2022. In this CTF, there are buffer overflow, on stack shellcode execution, format string attack, function overwrite, C programming array out of bound (OOB) arbilitary write, stack cache, and vulnerable string check. Let’s […]
Hi everyone! Today’s writeup is on Racecar, a very easy pwn (binary exploitation) challenge on HackTheBox. This challenge is on format string attack. Let’s get started! Files Given file: racecar (ELF file) Scripts/database made by me: leakflag.py IDA database Tools required Linux Netcat Ghidra IDA (Freeware/Education/Pro) Python3 Pwntools Outlook There are many paths to choose […]
Hi everyone! Today’s post is on Bad grades, a HackTheBox easy Pwn challenge. I wouldn’t say it’s completely easy which the number of people who managed to solve it and the rating people gives shows it as well. This challenge is a Return-oriented Programming (ROP) challenge based on double input in scanf(“&lf”). Read on if […]
Hi everyone! Today’s post is on Hunting, an easy Pwn challenge on HackTheBox. It was created on 27th September 2020. This challenge is on creating an Egg Hunter so read on if you are interested. Let’s get started! Files provided There is only 1 file provided which is a 32-bit ELF file: Hunting You may […]
Dear readers, Today’s write-up is on Format, a Pwn challenge on HackTheBox. It was created on 5th September 2020. This is a format string vulnerability challenge that has all protection enabled. Thus, read on if you are interested. Files provided There is only one file provided which is a 64-bit ELF file: format Besides that, […]
Dear readers, This post is on a HackTheBox Pwn challenge called Space. It was created on 30th May 2020. Let’s go straight into the write-up. Files provided There is only one 32-bit ELF file provided: Space Besides that, an IP address to the server hosting the file is also provided. Software required GDB (GNU/Linux debugger) […]
Dear readers, Today’s post is on a Pwn challenge on HackTheBox. The challenge was released on 8th February 2020. It is a very easy 32-bit ROP challenge so let’s dive into it. Files provide There is only one file provided and the IP address of the server: vuln Vuln is a 32-bit Unix file hence […]
Dear readers, Recently I was doing a HackTheBox challenge that involves ROP and did a write-up of it then realized I would like to pen down more detailed content of ROP such as symbols vs PLT vs GOT, stack alignment, etc. So here we go. ROP condition No canaries / stack cookies Stack executable or […]
Dear readers, Today’s post is on the Restaurant challenge which is a pwn challenge which is also known as a binary exploitation challenge. The challenge was created on 27th February 2021. This challenge focuses on crafting ROP exploit so read on if you are interested. Let’s dive right into the write-up. Files provided There are […]
Lamecarrot 