INTRODUCTION

This is a basic Ret2libc attack where we need to leak an address, then check the LIBC leak database and finally use the offset to pop up the shell.

So for the newbies out there like me, First let’s get to know what a libc and ret2libc is.

The C…

INTRODUCTION

This is a basic ret2win challenge from jornadas CTF. Here we just need to buffer overflow and reach the RIP/Return region and then call the function to get the shell.

CHALLENGE

First, we check the file type and the memory protection involved with the binary.

After spending some time in stack buffer overflow challenges, here we are with a section dedicated only to format strings. There are tons of blogs on format strings and the vulnerability involved with it. So ill start with the challenge directly. Format strings are really interesting if you understand what…

This is the 3rd challenge in ROP Emporium and it does get a bit tricky from here. I had to call 3 functions and each function has 3 arguments “0xdeadbeef”, “0xcafebabe”, “0xd00df00d”. So let’s get started with the challenge.

First I start the challenge by checking the type of file…

Hariharan@Blog:~$

Computer Science Student @ SASTRA deemed to be University .

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store