Git Product home page Git Product logo

my_ctf_design's Introduction

CTF Pwn tasks

name 200

  • alphanumeric shellcoding.

memo_manager 250

  • PIE on, and full relro.
  • Use input end without NULL byte weakness in printf to leak PIE base, stack address, and libc.
  • Use vulnerability to do stack overflow.
  • It could only overflow to return address for one gadget, you can use magic gadget in libc or do stack migration for ret2libc.

final_countdown 300

  • Advanced format string attack.
  • All protection are enabled.
  • fmt buf is at global.
  • Because of full relro, you can't do gothijacking.
  • First time fmt Leak stack address and libc base.
  • Second time fmt to forge last two byte of rbp.
  • Overwrite return address of _IO_vfprintf_internal with one gadget.

Joke 350

  • _dl_make_stack_executable.
  • Socket shellcodeing.
  • Reverse shell.

baby_heap 400

  • Double free
  • fastbin attack
  • gothijacking

Three pages 450

  • add_name overflow overwrite top chunk size.
  • House of force to overwrite data pointer.
  • Leak libc and overwrite __malloc_hook.
  • Leave messege trigger shell.

Free 500

  • realloc() trick.
  • fastbin attack increase size.
  • heap overflow.
  • sysmalloc trick.
  • unsorted bin attack to data pointer.
  • forge top chunk pointer.
  • __malloc_hook -> one.

my_ctf_design's People

Contributors

yuawn avatar

Watchers

James Cloos avatar cm avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.