Pwnable

The last part of the series The binary for this challenge is simply asking the user to guess a number. If it is not correct, the binary will reveal the correct number: ./challenge [*] ============================ [*] Hello!, guess a lucky number >> 20 [*] GUESS: is 20 [*] LUCKY: is…

For part 1: [tctt2022] pwnable 01 This series is for the Thailand Cyber Top Talent 2022 competitions which focus on the writeup for all pwnable…medium.com The binary for this challenge will ask the user to just write something and reflect it back: ./challenge write something AAAA AAAA Let’s decompile the binary: undefined8 main(void) { sigaction local_20a8 [53]; sigaction local_a8; memset(&local_a8,0,0x98); sigemptyset(&local_a8.sa_mask); local_a8.__sigaction_handler = segfault_sigaction; local_a8.sa_flags …

Part 5 This binary for this one will tell us that it only know ADD which might be addition of number? ./challenge [*] ==== welcome ==== [*] ================= [*] ME exiting to ADD [*] ME knows ADD only [*] ================= >> 1 >> 1 [*] ADDING 1 and 1 [*] The answer is…

This is part 4 for pwnable writeup. The binary for this challenge will ask whether the binary wish is C0FFEE or CAFE : ./challenge My wish is having a C0FFEE in a CAFE. What is YOURS? C0FFEE Yes, my wishes (c0ffee, cafe) come true. …

Read my other article for part 1 and 2! The binary for this challenge will ask the user for input and reflect it back: ./challenge Hello. Please tell me your secret! AAAA AAAA We love your secret! I use rabin2 to analyze how the flag will be printed. I found…

Walkthrough Pwnable.co.il is a wargame site that supplies various binary exploitation and vulnerability research challenges, Today we’ll solve it’s first challenge, Welcome. We’ll start by looking at the security features of the challenge:

Back again with another vulnhub writeup. This time it’s Pwnlab which according to the description it’s a low difficulty CTF. Let’s see what we get! Starting off with finding the box with an arp scan and then a fast nmap scan to find what ports are open. I’ll set up…

Challenge Description Mommy! what is a file descriptor in Linux? ssh fd@pwnable.kr -p2222 (pw:guest) We can see that we are provided with a ssh login and some hints for the challenge. Understanding File Descriptors File descriptors are a number that uniquely identifies an open file in a computer Operating System. …

Introduction Hi there, here is my first article on binary exploitation. We had a responsibility as cyb0ts to research and write an article. This challenge, as its name bof, focuses on exploiting buffer overflow by overwriting a variable then gaining a shell. …