Latest

Utilizing an edit primitive to change size and gain Out-of-Bound writes and then overwriting last-byte of a char* to point to a similar chunk, then overwriting size field of a chunk to free that chunk into unsorted bin for libc leak. Overwriting stdout to gain code execution.

Utilizing an out-of-bound write to leak Libc and gain rbp/rip control and get shell using one_gadget

Utilizing an out-of-bound write to gain RIP control and then use a gadget to perform execve syscall

Utilizing Out-of-bounds write to overwrite an adjacent memory chunk to bypass login and using Format String Vulnerability to overwrite a check and overwrite return address on the stack to perform ROP.

Creating pwn challenges for different OS/arch from scratch, and deploying it remotely using Docker.