Purpose : Get The Flag The challenge binary mmaps a memory region at 0x500000 with a size of 0x1000 bytes and grants it read, write, and execute permissions. It then: Asks the user how m...
Single Note - Ignite khi qualifying 2024
Purpose : Get The Flag Mitigations : Crash : Decompile : #!/usr/bin/python3 from pwn import * import struct # context.terminal = ['tmux','splitw','-h'] os.environ['XDG_CACHE_HOME'] = '...
BlackHat Qualifier cockatoo
Purpose : Get The Flag #!/usr/bin/python3 from pwn import * import struct from ctypes import * import subprocess context.terminal = ['tmux','splitw'] os.environ['XDG_CACHE_HOME'] = '/tm...
Cereberus 2024
First, we begin with basic analysis. This involves checking its hash on VirusTotal and extracting hashes using HashMyFile. Checking on VirusTotal. After obtaining some hits, it’s time to inve...
Profile
The variable age is declared as an integer, and a long integer is obtained from the user. This means that, as an attacker, we have the capability to overwrite the next 4 bytes in memory. These next...
V8 Internals Part 1
Pointer Compression Pointer Compression in V8 leverages a fascinating characteristic of heap-based objects, namely their proximity to one another. This proximity often results in a significant po...
Unlimited Subway csaw quater 2023
Initial Assessment Upon initial examination of the binary, the following properties and security measures were identified: Architecture: The binary is compiled for the i386 architecture, ...
CallBack
In the depths of “Callback,” an enigmatic 32-bit MZ file, we embarked armed with Pestudio’s guidance. Strings and imports held no immediate revelations. The enigma remained, shrouded in mystery, ur...
Decoding Sidewinder APT Malware
First Stage: The initial phase involves a malicious document programmed to download an RTF file from the following URL: “hxxps://dgmp-paknavy.mod-pk[.]com/14325/1/10/2/0/0/0/m/files-5291bef6/file[....
Weird Cookie , NahamCon 2023
Description : it appears that there is a global variable that holds a canary value, and the same canary value is stored on the stack. It’s important to note that these hardcoded canary values vary...