Most challenges originate from picoCTF.

| Background | Link |
|---|---|
| This was my first challenge where I had to craft a keygen, reminiscent of the ones we used to create back in the year 2000. | challenge 1 |
| I utilized a ROP chain and managed to leak the system and /bin/sh addresses. | Here's a LIBC |
| A simple example of a printf format string vulnerability | Stonks |
| Exploiting a vulnerability in glibc 2.27's tcache mechanism | Cache Me Outside |
| Use after free | Unsubscriptions Are Free |
| Buffer underflow | babygame01 |
| In-depth explanation of buffer overflow | Clutter Overflow |
| Just another BOF | Simple buffer overflow |
| How to find the right glibc, ROP, buffer overflow, canary leak, return to libc | Guessing_Game_2 |
| Use the rand seed from libc to predict the next rand numbers | md5 calculator |
| Background | Link |
|---|---|
| Brute-force RSA | mind_your_ps_and_qs |
| Breaking the problem down until it was solved | New Caesar |
You want to craft your own Python automation scripts for the exploits, but you also want to debug the binary while your script drives it. How do you do both at once? This is a cool life hack: run the binary as a server and attach gdb to it.

Make a fifo file:

```sh
mkfifo fifo
```

Run netcat with its input redirected from the fifo, pipe its output into the binary, and send the binary's output back into the fifo:

```sh
nc -l -p 8080 < fifo | ./hash > fifo
```

Attach gdb to the running process. The shell starts `./hash` as soon as the pipeline runs (it blocks reading from netcat's pipe), so the process exists before any client connects and you can set breakpoints before sending input. If `pgrep` matches more than one process, pick the right pid by hand:

```sh
process_name="hash"; pid=$(pgrep "$process_name"); [[ -n $pid ]] && gdb -p "$pid" -x .gdbinit
```

Cat the content of a file into the running process:

```sh
cat buff | nc localhost 8080
```

or just point pwntools at the local port:

```python
import pwn

p = pwn.remote("localhost", 8080)
```