Analysis on CVE-2016-9079

July 29, 2018 dangokyo3 Comments

Introduction

This is a use-after-use vulnerability in the firefox before 50.2 [1]. In this post, the exploit is a routine browser exploitation process. Since exploit [1] is a working exploit on windows platform, I rewrite the exploit to make it work on Linux platform and test some ideas on vtable reuse attacks. I use a chain of multiple virtual function gadgets to change memory protection and open a listening port or popping up calculator. The final exploit can be found on my github repo[3].
Read More »

MeePwnCTF 2018 Qual Pwn Coin Write-up

July 26, 2018 dangokyoLeave a comment

Introduction

This is a very interesting challenge. Generally speaking, this is not a very hard challenge because its vulnerability is very obvious. However, this challenge is not that easy to exploit. First of all, the logic of the programme is very complicated and hard to reverse. Secondly, the exploitation involves multiple exploitation tricks in the end. Thirdly, the exploitation involves many double-to-integer conversion. Read More »

MeePwnCTF 2018 Qual Web+PWN 0xBADMINTON Write-up

July 18, 2018 dangokyoLeave a comment

Introduction

As an enthusiast badminton player, I decide to add a cover page for this write-up. As a CTF player, I think it’s necessary to write a wp for this challenge. This challenge is not hard after reading the write-up given on [1]. But I think there are still a lot of things to learn in the field of web security.
Read More »

MeePwnCTF 2018 Qual Web Pycalcx2 Write-up

July 17, 2018 dangokyoLeave a comment

Introduction

This post is also based on the write-up given by p4[1]Read More »

MeePwnCTF 2018 Qual Web Pycalcx Write-up

July 17, 2018 dangokyoLeave a comment

Introduction

This post is based on the write-up given by p4 team [1].Read More »

MeePwnCTF 2018 Qual Re Image_Crackme

July 16, 2018 dangokyoLeave a comment

Introduction

The programme implements a simple logic in image processing. Since I started to learn GO binary just from CrossCTF, I spend a lot of time reversing the logic of the challenge.
Read More »

MeePwnCTF 2018 Qual PWN House-of-Cards Write-up

July 16, 2018July 16, 2018 dangokyo5 Comments

Introduction

It is the only middle score challenge I solve in MeePwn CTF this time. The challenge is a routine menu challenge. The annoying part of this challenge is the complexity of malloc/free operation in each operation in this challenge. I think my exploit make things complicated again , I think it is necessary to record my thoughts during the exploitation.
Read More »

GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up

July 12, 2018July 12, 2018 dangokyoLeave a comment

Introduction

After my tutorial on seccomp, thanks for Google CTF for providing such good challenges to learn something new about seccomp escape. Since I was unable to play in Google CTF in time. I think it is necessary to record the challenges.
This post will give the write-up for the execve-sandbox in GoogleCTF. And my write-up is based on [1] and [2].Read More »

CrossCTF 2018 Qual RE GOGOGO

July 10, 2018July 10, 2018 dangokyoLeave a comment

Introduction

It is not me that solve the challenge during the competition. Just take it as a warm-up for coming CTF.Read More »

Hacking Blind

July 9, 2018 dangokyoLeave a comment

Introduction

This paper was published in Oakland 2014. In this paper, the author presents a generic way to exploit proprietary server even if the source code and the binary code is not available but a crash is found through remote fuzzing test.
Read More »

氷菓

Month: July 2018

Analysis on CVE-2016-9079

Introduction

MeePwnCTF 2018 Qual Pwn Coin Write-up

Introduction

MeePwnCTF 2018 Qual Web+PWN 0xBADMINTON Write-up

Introduction

MeePwnCTF 2018 Qual Web Pycalcx2 Write-up

Introduction

MeePwnCTF 2018 Qual Web Pycalcx Write-up

Introduction

MeePwnCTF 2018 Qual Re Image_Crackme

Introduction

MeePwnCTF 2018 Qual PWN House-of-Cards Write-up

Introduction

GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up

Introduction

CrossCTF 2018 Qual RE GOGOGO

Introduction

Hacking Blind

Introduction