Select Page

CSAW CTF Final Round 2015: StringIPC write-up

Jun 18, 2020 | kernel, write-up

Playing with vDSO! Each team was presented with unprivileged access to a Digital Ocean droplet running 64-bit Ubuntu 14.04.3 LTS.  The vulnerable kernel module StringIPC.ko was loaded on each system, and successful exploitation would allow for local...

0CTF 2018 Finals: Baby Kernel write-up

Jun 10, 2020 | kernel, write-up

Yes, indeed. It is yet another “baby” challenge… As its name suggests, this is a kernel PWN challenge. Only the vulnerable LKM and a QEMU startup script are provided, so the very first thing is to download a bzImage of the corresponding version, for...

Really Awesome CTF 2020: Puffer Overflow write-up

Jun 9, 2020 | write-up

This is basically a Python 3.8 shellcoding challenge (650pt). Challenge instance ready at 88.198.219.20:24155.We’ve found an exploitable network service. Exploit it! For your convenience, the source has been provided....

Pwn2Win CTF 2020: At Your Command write-up

Jun 1, 2020 | write-up

Playing with File-Stream Oriented Programming (FSOP)! This is a PWN challenge (263 pt, 27 solves). Through reverse engineering work on Pixel 6, we identified the ButcherCorp server responsible for programming the RBSes. Our exploration team was only able to have...

m0leCon CTF 2020 Teaser: BABYK write-up

May 28, 2020 | kernel, write-up

This is an introductory Linux kernel PWN challenge (217 pt, 20 solves). I did not solve it during the CTF. I wanted to play a bit with, you know, modules and stuff…let me know if you liked it!nc challs.m0lecon.it 9012Author: @madt1m There is a great tutorial on...