Leakguard - HackTheVote 2020 Cyb0rG 2020-10-30 Pwn tl;dr overflow the char candle counter stored in the wax structure and trigger uaf. Use the uaf to trigger double free and get shell. Read More Heap Linux HackTheVote
Grid - CSAW Quals 2020 d4rk_kn1gh7 2020-09-18 Pwn tl;dr Out-of bounds index write allows byte-by-byte overwrite of return address Read More Exploitation Linux CSAW Quals
The Bards' Fail - CSAW Quals 2020 Pwn-Solo 2020-09-15 Pwn tl;dr Carefully arranging structs on stack so as to overwrite saved rip , without corrupting the stack canary. Leak libc with puts and execute a ret2libc to get shell Read More Exploitation Linux CSAW Quals
Signal VM de1ta (Part 2) - de1CTF 2019 R3x 2019-08-09 Reversing / Linux tl;dr Challenge is a VM implemented over signals and ptrace Reverse Instruction types and implementation Use gdb scripting to find the executed code and get the pseudo VM code Find out the algorithm (Max triangle sum) from VM instructions Find an more optimized way to solve the problem (Or lazy solve it!). Read More Linux VM Reversing Automation
Signal VM (Part 1) - de1CTF 2019 R3x 2019-08-08 Reversing / Linux tl;dr Challenge is a VM implemented over signals and ptrace Reverse Instruction types and implementation Use gdb scripting to find the executed code and get the pseudo VM code Reverse the VM functionality (Hill cipher) for flag and profit Read More Linux VM Reversing Automation