Gera's Insecure Programming warming up stack #1 (ROP NX/ASLR Bypass)
I started gera’s exercises on format strings vulnerabilities. I am going to start on the stack next. This post will be my first ROP practice and it was fun :). The main purpose of “warming up the stack” exercises is to just bypass the canary. However, I wanted to make it harder and get a shell out of it.
CSAW CTF: Munchbrunch Writeup
CSAW CTF: Networking 1 Writeup
This challenge provided a pcap file and the question ‘‘What am I searching for?”. A hint dropped in the irc channel by hockeyinjune helped us to look in the right place.
CSAW CTF: Inchbinge Writeup
CSAW CTF: BluesNews Writeup
For Web Challenge 300, you were presented with a news website, BluesNews.
CSAW CTF Exploitation bin2 Solution
This past weekend, the ISIS lab held CSAW CTF quals. For more information about the event see: csawctf.poly.edu
Smashing the Stack on FreeBSD
Here’s a simple program to illustrate a stack smash.
Gera's Insecure Programming Format String #5 (ASLR Bypass)
This post is long overdue. I decided to step it up from FreeBSD to Debian. The last format string challenge from gera is a vanilla format string. You can find this challenge here.