Efficiency: Reverse Engineering with Ghidra
It’s been a while since I’ve written anything on here, but I thought I’d do a quick write-up for one of the challenges from RTFM.
This will be a quick one. Last week was hack.lu again, and again it was in the middle of the week. Nothing they can do about that, they say, and I believe them of course! Point being, I didn’t have time to play properly; I only looked at one challenge. There was one little trick I liked and wanted to share.
When Phantasmal Phantasmagoria wrote The Malloc Maleficarum back in 2005 he exposed several ways of gaining control of an exploitation through corruption of the internal state of the libc memory allocator. Ten years later people are still exploring the possibilities offered by such complex data structures. In this article I will present how I solved a challenge from Plaid CTF 2015 and the tool I wrote in the process.
I’m not sure about this, but since it seems to be all the hype these days I might as well give it a try. At first I was under the impression I would miss RsT, but then I thought what the heck, I need to get used to Markdown anyway with everyone on GitHub using that.
Hack.lu 2014 was really well done and entertaining. For one challenge we needed to get system from an unknown libc while bypassing ASLR. The return-to-dl-resolve technique I used wasn’t known to me and I will explain it in this post.
Long time no see! I just spent two days exploiting a CTF challenge and people want me to do a writeup so here we go. Full sploit can be found here: http://pastebin.com/0px8FEJ7
Python jails are pretty common among CTF challenges. Often a good knowledge of the interpreter’s internals gets you a long way. For the non-initiated it might sometimes seem like black magic. PlaidCTF offered a challenging task that required the combination of some different techniques and logic.