Blog Dev Notes CTF Techs About

Latest

All my thoughts/ideas in one place

Published on
October 13, 2024
Cyber-Hackathon 24 - Quals - Pwn - NoCookies
pwn ignite cyber-hackathon-24 oob-write one_gadget
Utilizing an out-of-bound write to leak Libc and gain rbp/rip control and get shell using one_gadget
Read more →
Published on
July 28, 2024
DeadSec-CTF - Pwn - User Management
pwn deadsec24 oob-write printf fsb fsb-to-rop
Utilizing Out-of-bounds write to overwrite an adjacent memory chunk to bypass login and using Format String Vulnerability to overwrite a check and overwrite return address on the stack to perform ROP.
Read more →
Published on
July 26, 2024
Writing and Deploying Pwn Challenges [Multi-arch/OS]
dev-notes pwn docker deployment
Creating pwn challenges for different OS/arch from scratch, and deploying it remotely using Docker.
Read more →
Published on
July 18, 2024
Pwnable.tw - Tcache Tear
pwnable.tw heap tcache tcache-dup double-free unsorted-bin-attack fake-chunk free-hook-overwrite
Utilizing double free to create a fake chunk in the BSS section of the ELF and freeing the chunk into the unsorted bin by using Unsorted Bin Attack to leak libc and overwrite __free_hook.
Read more →
Published on
April 29, 2024
AOFCTF '24 - Misc - Ba-Sing-Se
misc aofctf pyjail eval-in-eval
Using eval inside an eval to build a python code using chr function
Read more →

Subscribe to the newsletter