Purpose : Get The Flag Mitigations : Crash : Decompile : #!/usr/bin/python3 from pwn import * import struct # context.terminal = ['tmux','splitw','-h'] os.environ['XDG_CACHE_HOME'] = '...

Purpose : Get The Flag #!/usr/bin/python3 from pwn import * import struct from ctypes import * import subprocess context.terminal = ['tmux','splitw'] os.environ['XDG_CACHE_HOME'] = '/tm...

First, we begin with basic analysis. This involves checking its hash on VirusTotal and extracting hashes using HashMyFile. Checking on VirusTotal. After obtaining some hits, it’s time to inve...

The variable age is declared as an integer, and a long integer is obtained from the user. This means that, as an attacker, we have the capability to overwrite the next 4 bytes in memory. These next...

Pointer Compression Pointer Compression in V8 leverages a fascinating characteristic of heap-based objects, namely their proximity to one another. This proximity often results in a significant po...

Initial Assessment Upon initial examination of the binary, the following properties and security measures were identified: Architecture: The binary is compiled for the i386 architecture, ...

In the depths of “Callback,” an enigmatic 32-bit MZ file, we embarked armed with Pestudio’s guidance. Strings and imports held no immediate revelations. The enigma remained, shrouded in mystery, ur...

First Stage: The initial phase involves a malicious document programmed to download an RTF file from the following URL: “hxxps://dgmp-paknavy.mod-pk[.]com/14325/1/10/2/0/0/0/m/files-5291bef6/file[....

Description : it appears that there is a global variable that holds a canary value, and the same canary value is stored on the stack. It’s important to note that these hardcoded canary values vary...

Description : The updated program prompts the user to enter a password to open a simulated cave of gold. In addition to entering the correct password, the boolean variable caveCanOpen must also be ...