Bronze Ropchain
Daniele Scanu2019-08-16T18:34:37+02:00Broze ropchain is a simple pwn challenge with a 32 bit binary. The first step is to check the protection of the binary with checksec util:
SRNR
Daniele Scanu2019-08-16T18:33:19+02:00Srnr is a binary exploitation challenge of redpwn ctf. Running checksec, we can see that there are only Full RELRO and NX protections, but any canary value.
Jendy’s
Daniele Scanu2019-03-11T15:25:41+02:00Hey guys, welcome back on Exploitnetoworking! Today we will see the writeup of the binary exploitation challenge Jendy’s by UTCTF. This challenge is an hard pwn binary, that for exploit it, you must use two technics, the first step is manage the heap for obtain an arbitrary free and the second step is use a format string for obtain a write what where.
PHP Unserialization 35c3ctf
Daniele Scanu2018-12-29T17:10:09+02:00Welcome back on Exploitnetworking! Today we’ll see an interesting writeup of 35c3ctf ctf for a challenge with an unserialize that permit you to obtain an object injection. The challenge gave us the vulnerable source code: From code we can see that for obtain the flag we need to trigger [...]
[HTB] Sunday
Daniele Scanu2018-10-01T09:23:08+02:00Welcome back on Exploitnetworking! Today we’ll see the writeup of Hack The Box Sunday machine. This box was been really easy because with a simple nmap and with some enumerations you can enter in server, after that with some tricks you can get root user.
Alienise
Daniele Scanu2018-09-15T10:24:01+02:00Alienise was a web challenge of SECT CTF 2018, where you abuse of a nginx misconfiguration for get the flag.
Puppetmatryoshka
Daniele Scanu2018-09-14T14:06:13+02:00Welcome back on Exploitnetworking! Puppetmatryoshka was a misc challenge of SECT CTF 2018 where it was necessary inspect a pcap file.
PingPong
Daniele Scanu2018-09-14T14:04:41+02:00Welcome back on Exploitnetworking! PingPong was a pwn challenge of SECT CTF 2018, based on buffer overflow. The main goal was use an overflow to leak the memory addresses of remote libc (for bypass aslr) and then create a ropchain for spawn a shell.
SimpleAuth
Daniele Scanu2018-09-03T19:56:44+02:00Welcome back on Exploitnetworking. SimpleAuth is a web challenge of TokyoWesterns CTF. The base of this challenge is manipulate the php function parse_str to bypass auth control and get the flag.
[HTB] Celestial writeup
Daniele Scanu2018-11-02T10:10:42+02:00In this machine there is a nodejs service exploitable in a easy and direct way. And for privilege escalation there is a simple trick with python.