HackTheBox – Sick ROP Write-up

Hi everyone! This is a SigReturn Oriented Programming (SROP) challenge on an x64 Linux binary file on 15 August 2020. We need to use SYS_mprotect before allowing on-stack shellcode execution to obtain a shell on the server. Let’s get started! 1. Files provide sick_rop (x64 ELF binary) 2. Tools required pwntools ROPgadget IDA Pro/Freeware 3. […]

NahamCon CTF 2022 Write-up (pwn)

Hi everyone! NahamCon CTF 2022 was held from 29/4-30/4. Before we begin, make sure you have pwntools and Python installed. Let’s get started! 1. Challenges Babysteps Buffer overflow with on stack execution on a 32-bits C-based ELF progam to obtain a shell. CALL EAX is used to jump to the start of the shellcode due […]

DCTF 2022 – Codechainz Write-up

Hi everyone! This post is on DCTF 2022’s Codechainz which is a fairly easy pwn challenge. This challenge has a buffer overflow (BoF) vulnerability and requires us to jump to a space created by mmap() which is executable. However, there is a shellcode size limit due to the space available. Let’s get started! Files provided […]

HackTheBox – Space Write-up

Dear readers, This post is on a HackTheBox Pwn challenge called Space. It was created on 30th May 2020. Let’s go straight into the write-up. Files provided There is only one 32-bit ELF file provided: Space Besides that, an IP address to the server hosting the file is also provided. Software required GDB (GNU/Linux debugger) […]