Channel: Aneesh Dogra’s Blog - Medium
Browsing latest articles
Browse All 51 View Live

ROPing Horcruxes, pwnable.kr

Voldemort concealed his splitted soul inside 7 horcruxes. Find all horcruxes, and ROP it! author: jiwon choi ssh horcruxes@pwnable.kr -p2222 (pw:guest) Horcruxes: Horcruxes is a 32bit ELF binary that...

Reversing a real-world 249 bytes backdoor!

A wild backdoor has appeared. Press 1 to ptrace :D While going through some vulnerable servers I was able to find a backdoor present that is only 249 bytes long. The backdoor’s md5sum is...

Reversing an 8bit RISC microprocessor

Hey! We have found this old cartridge under a desk in the library of Lapland. It appears to be for a system called “Emu 2.0”, made back in 1978. These systems don’t get produced anymore, and we can’t...

File Magician, 36c3 ctf

Hacking a web application using magic files, sqlite3 injection and finally RCE. Finally (again), a minimalistic, open-source file hosting solution. file magician-3ace41f3b0282a70.tar.xz (2.1...

Reversing Web Assembly (WASM)

The challenge is a flag-checking-service written in web assembly. The flag must be in format hxp{…}. Our goal is to guess the correct flag. I hosted the challenge on my local setup; used Nginx and made...

Reversing Programmable Interface Controllers

AeroCTF had a category of challenges revolving around PICs. The PIC code dump is given for us to analyze and extract the flag from it. ROM dump is given in a hex file: Beginning.hex, also a...

Bypassing Syscall filters

With the advent of tools like AuditD, SECCOMP and SELinux, we have rules to disable a list of Linux syscalls using a blacklist mechanism. These can be used to strengthen the security of the...

Reversing libfuse malware

Recent zer0pts CTF 2021 had a reversing challenge: infected in the reversing, warmup category. [96 pts] The backdoor is installed on this machine: nc others.ctf.zer0pts.com 11011 or nc...

Advanced ROP techniques

ROP, or return-oriented programming, is an exploit technique that is usually used to exploit buffer overflow vulnerabilities in programs running with exploit mitigation features like NX, ASLR, RELRO,...

Janet v1.1 REPL Sandbox Bypass

Janet is a functional and imperative programming language. The entire language (core library, interpreter, compiler, assembler, PEG) is less than 1MB. Last weekend I played the UMassCTF 2021 (with...
