MeePwnCTF 2018 Qual Web+PWN 0xBADMINTON Write-up

Introduction

As an enthusiast badminton player, I decide to add a cover page for this write-up. As a CTF player, I think it’s necessary to write a wp for this challenge. This challenge is not hard after reading the write-up given on [1]. But I think there are still a lot of things to learn in the field of web security.
Continue reading “MeePwnCTF 2018 Qual Web+PWN 0xBADMINTON Write-up”

Advertisements

MeePwnCTF 2018 Qual PWN House-of-Cards Write-up

Introduction

It is the only middle score challenge I solve in MeePwn CTF this time. The challenge is a routine menu challenge. The annoying part of this challenge is the complexity of malloc/free operation in each operation in this challenge. I think my exploit make things complicated again , I think it is necessary to record my thoughts during the exploitation.
Continue reading “MeePwnCTF 2018 Qual PWN House-of-Cards Write-up”

GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up

Introduction

After my tutorial on seccomp, thanks for Google CTF for providing such good challenges to learn something new about seccomp escape. Since I was unable to play in Google CTF in time. I think it is necessary to record the challenges.
This post will give the write-up for the execve-sandbox in GoogleCTF. And my write-up is based on [1] and [2]. Continue reading “GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up”