Gloater was a pwn challenge with an insane difficulty rating during the Cyber Apocalypse 2024. While it had the most difficult rating, it wasn't the pwn with the least solves. But it was still an interesting challenge with many options to gain code execution. This writeup certainly presents a ... let's call it special way ;)
Read MoreOnce upon a time I wanted to join a CTF and solve some challenges. I settled out and chose a pwn challenge. I downloaded the binary, started GDB and lo and behold....
I had no clue how to proceed. GDB is barely usable and it's command line interface at best obscure. I had no idea of disassembler or decompilers. And what the hell is pwntools? This article series should provide some insight to the most basic setup for solving pwn challenges so you don't have to feel the same pain I once did.
Read MoreHowToHeap was a medium rated challenge during the CyberSecurityRumble 2020 (CSR20) CTF. While not particular difficult, it allowed players to explore a new concept introduced with Libc 2.32: Safe-Linking.
In this writeup we will not only solve a CTF-Challenge, but also take a look at what at this new mitigation technique introduced in the latest glibc.
Read MoreTCalc was a pwnable challenge during the recent Hack.lu CTF 2019. It was worth 381 points and rated medium. As all somewhat more difficult exploit challenges, it was a heap challenge. Somewhat unusual was the usage of libc version 2.30, which I haven't seen much in CTFs. The bug was a very fascinating programming error resulting in an OOB array access that could be used to arbitrary free. This write-up will try to not only describe the solution but also the pitfalls and things that didn't work.
Read More