Select Page

ContrailCTF 2019: welcomechain write-up

Jan 17, 2020 | write-up

Description Solution 1. Description peilin@PWN:~/contrailctf/welcomechainuser@computer$ file welcomechainwelcomechain: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.2.0,...

ContrailCTF 2019: EasyShellcode write-up

Jan 11, 2020 | write-up

Description Solution 1. Description After completing pwnable.kr’s asm challenge, I decided to do more shellcode things. As recommended by 道路さん (@Nperair) from Contrail, I checked out their own CTF, ContrailCTF 2019, and saw this shellcode challenge called...

pwnable.kr: asm write-up

Jan 9, 2020 | write-up

Description Exploitation Shellcode Explained 1. Description Do ssh asm@pwnable.kr -p2222 to play. Password is guest. The challenge program is running on local port 9026. asm@prowl:~user@computer$...

ROP Emporium: ret2csu write-up

Nov 24, 2019 | ROP, write-up

Introduction Binary information __libc_csu_init() CALL issue Constructing ROP chain Conclusion 1. Introduction This ret2csu challenge from ropemporium.com teaches a new ROP technique presented at Black Hat Asia 2018 called return-to-csu. You can download the binary...

DEF CON CTF Qualifier 2015: r0pbaby write-up

Nov 20, 2019 | ROP, write-up

Introduction Learning about the binary Locating return address First attempt MOVAPS issue From user to root Conclusion 1. Introduction Recently I started learning how to pwn. As recommended by Atum, I decided to start from this challenge from DEF CON CTF qualifier...