Binary Exploitation Series (7): Full RelRO Bypass
Hello everyone! Today we are going to bypass Full RelRO by using a relative write out-of-bounds vulnerability. Like last time, we have access to the binary (...
Tags
CTF
Facebook CTF 2019: overfloat
overfloat was an entry challenge of the pwnable category of the Facebook CTF 2019. A binary and a libc were provided (Original tar). You can find the full ex...
Binary Exploitation Series (6): Defeating Stack Cookies
Today we are going to defeat stack cookies in two different ways. We have access to the binary and we need to leak some information about its environment to ...
Binary Exploitation Series (5): How to leak data?
I often read the question “How to leak data?” and I will try to give you some basic ideas on how to get some information about a target (binary, memory layou...
Binary Exploitation Series (4): Return to Libc
This time we will activate non-executable stack and we’re going to build our first mini ROP-Chain to leak memory addresses! Basic ASLR is of course still ena...
Binary Exploitation Series (3): Your first Exploit
Our first target is a really simple binary where we have basic ASLR enabled (only Heap and Stack are randomized). For this example, we will disable other pro...
Binary Exploitation Series (2): Bug Classes
This post gives a brief overview of some bug classes, but it will not cover everything in detail. I’ll provide some additional resources for bug classes whic...
Binary Exploitation Series (1): Environment Setup
Foreword This series will cover some basic exploitation techniques on Linux systems (x64) which are getting more advanced during the series. The main focus w...
Hack.lu 2018: Baby Reverse
Baby reverse was a beginner reversing challenge of this year’s hack.lu CTF. It was a great beginner challenge for people who are new to reversing at all.
Hack The Box: Celestial
Today, we are going to do Celestial of Hack the Box.
Hack The Box: Valentine
Hello everyone! Today, we are going to do Valentine of Hack the Box.
Binary Exploitation Series
Binary Exploitation Series (7): Full RelRO Bypass
Hello everyone! Today we are going to bypass Full RelRO by using a relative write out-of-bounds vulnerability. Like last time, we have access to the binary (...
Binary Exploitation Series (6): Defeating Stack Cookies
Today we are going to defeat stack cookies in two different ways. We have access to the binary and we need to leak some information about its environment to ...
Binary Exploitation Series (5): How to leak data?
I often read the question “How to leak data?” and I will try to give you some basic ideas on how to get some information about a target (binary, memory layou...
Binary Exploitation Series (4): Return to Libc
This time we will activate non-executable stack and we’re going to build our first mini ROP-Chain to leak memory addresses! Basic ASLR is of course still ena...
Binary Exploitation Series (3): Your first Exploit
Our first target is a really simple binary where we have basic ASLR enabled (only Heap and Stack are randomized). For this example, we will disable other pro...
Binary Exploitation Series (2): Bug Classes
This post gives a brief overview of some bug classes, but it will not cover everything in detail. I’ll provide some additional resources for bug classes whic...
Binary Exploitation Series (1): Environment Setup
Foreword This series will cover some basic exploitation techniques on Linux systems (x64) which are getting more advanced during the series. The main focus w...
Hack The Box
Hack The Box: Celestial
Today, we are going to do Celestial of Hack the Box.
Hack The Box: Valentine
Hello everyone! Today, we are going to do Valentine of Hack the Box.
Reverse Engineering
Hack.lu 2018: Baby Reverse
Baby reverse was a beginner reversing challenge of this year’s hack.lu CTF. It was a great beginner challenge for people who are new to reversing at all.
Binary Exploitation
Facebook CTF 2019: overfloat
overfloat was an entry challenge of the pwnable category of the Facebook CTF 2019. A binary and a libc were provided (Original tar). You can find the full ex...