MeePwnCTF 2018 Qual Pwn Coin Write-up


This is a very interesting challenge. Generally speaking, this is not a very hard challenge because its vulnerability is very obvious. However, this challenge is not that easy to exploit. First of all, the logic of the programme is very complicated and hard to reverse. Secondly, the exploitation involves multiple exploitation tricks in the end. Thirdly, the exploitation involves many double-to-integer conversion. Continue reading “MeePwnCTF 2018 Qual Pwn Coin Write-up”


MeePwnCTF 2018 Qual PWN House-of-Cards Write-up


It is the only middle score challenge I solve in MeePwn CTF this time. The challenge is a routine menu challenge. The annoying part of this challenge is the complexity of malloc/free operation in each operation in this challenge. I think my exploit make things complicated again , I think it is necessary to record my thoughts during the exploitation.
Continue reading “MeePwnCTF 2018 Qual PWN House-of-Cards Write-up”

GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up


After my tutorial on seccomp, thanks for Google CTF for providing such good challenges to learn something new about seccomp escape. Since I was unable to play in Google CTF in time. I think it is necessary to record the challenges.
This post will give the write-up for the execve-sandbox in GoogleCTF. And my write-up is based on [1] and [2]. Continue reading “GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up”