Introduction
This is a pwn challenge from CodeBlue CTF. As part of my tutorial plan, I use this one as an example of the House of Force technique.
This is a pwn challenge from TokyoWestern 2017. As part of my tutorial plan, I decided to write a simple write-up on this challenge.
Since my CTF teammate hopes I will give a tutorial on writing exploits, I decided to write this post as a working plan. From my perspective, how to write an exploit is a huge topic, and it's impossible to cover every aspect of it in a single post. So I write this post to outline what will be covered in my tutorial and to push myself to write the following posts.
This week I found that CodeBlue CTF took VTV as a pwn challenge, so I decided to take notes on this paper, presented at USENIX 2014. I will give a write-up on the pwn challenge some time later. In this paper, the authors propose two CFI mechanisms: Virtual Table Verification (VTV) for GCC and Indirect Function Call Check (IFCC) for LLVM. Both aim to verify the validity of indirect forward-edge call targets.
This vulnerability is an integer overflow that involves a signed comparison between a signed integer and an unsigned integer and results in an out-of-bounds read. Analyses of the root cause are already available online [2][3], but they say little about how to locate the root cause in the binary starting from zero knowledge. In this post, I want to log how I located the root cause of the vulnerability starting from the crash. The post may therefore look tedious, but I will try to show every step I took in my analysis.
Solves: 5 Points: 420
Last week, I introduced PICFI (Per-Input Control Flow Integrity) and its implementation; in this post I will give a detailed write-up of my solution to this challenge. Angelboy has posted his write-up on GitHub [1], so my post will focus more on the details of PICFI and on how I wrote the final exploit.
This is an integer overflow vulnerability in the Linux kernel. The exploit code can be found at [1]. This post will mainly discuss the root cause of this CVE and how the exploit works.
Last week, I found that Google CTF Quals took PICFI as a pwn challenge. Since this paper is also mentioned in The Dynamics of Innocent Flesh on the Bone: Code Reuse Ten Years Later, I decided to take brief notes on this paper and to solve the pwn challenge.
In this paper, the authors propose a more fine-grained CFI compared with the conventional CFI proposed by Abadi.
Points: 132 Solves: 32
I did not try to solve this challenge during the competition. Recently I picked it up as an exercise and found that it is actually a very interesting challenge on stack buffer overflow.