Purpose : Get The Flag The challenge binary mmaps a memory region at 0x500000 with a size of 0x1000 bytes and grants it read, write, and execute permissions. It then: Asks the user how m...

Purpose : Get The Flag Mitigations : Crash : Decompile : #!/usr/bin/python3 from pwn import * import struct # context.terminal = ['tmux','splitw','-h'] os.environ['XDG_CACHE_HOME'] = '...

Purpose : Get The Flag #!/usr/bin/python3 from pwn import * import struct from ctypes import * import subprocess context.terminal = ['tmux','splitw'] os.environ['XDG_CACHE_HOME'] = '/tm...

First, we begin with basic analysis. This involves checking its hash on VirusTotal and extracting hashes using HashMyFile. Checking on VirusTotal. After obtaining some hits, it’s time to inve...

The variable age is declared as an integer, and a long integer is obtained from the user. This means that, as an attacker, we have the capability to overwrite the next 4 bytes in memory. These next...

Pointer Compression Pointer Compression in V8 leverages a fascinating characteristic of heap-based objects, namely their proximity to one another. This proximity often results in a significant po...

Initial Assessment Upon initial examination of the binary, the following properties and security measures were identified: Architecture: The binary is compiled for the i386 architecture, ...

In the depths of “Callback,” an enigmatic 32-bit MZ file, we embarked armed with Pestudio’s guidance. Strings and imports held no immediate revelations. The enigma remained, shrouded in mystery, ur...

First Stage: The initial phase involves a malicious document programmed to download an RTF file from the following URL: “hxxps://dgmp-paknavy.mod-pk[.]com/14325/1/10/2/0/0/0/m/files-5291bef6/file[....

Description : it appears that there is a global variable that holds a canary value, and the same canary value is stored on the stack. It’s important to note that these hardcoded canary values vary...