HITB-XCTF GSEC 2018 Quals: babypwn - Blind Format String Exploitation

from blog David Buchanan's Blog, | ↗ original
By David Buchanan, 13th April 2018 The only information provided with this challenge was an IP address and port number. No binaries to download! Of course, my first idea was to use netcat to see what it did. $ nc 47.75.182.113 9999 hello hello %08x 00000000 Typing hello just resulted in the same input being echoed back. There's only a limited number of possibilities for this kind of challenge, so I thought I'd check if...
This is a short summary. ↗ Open original to view full content

Related

Beware of base64 encoded strings
garrit.xyz | original ↗
BGGP3: Chipping Out
David Buchanan's Blog | original ↗
WPICTF 2018: Forker[1-4] Writeup - Blind-ish ROP
David Buchanan's Blog | original ↗
0CTF 2018 Quals: Baby Stack - ret2dlresolve
David Buchanan's Blog | original ↗
CTF Writeup: Hackvent 2017 Day 23 - "Only Perl"
David Buchanan's Blog | original ↗
CTF Writeup: Hackvent 2017 Day 21 - "Tamagotchi"
David Buchanan's Blog | original ↗
A mini-rant on the lack of string slices in C
Federico's Blog | original ↗
Spin Up Your Own No-Bullshit File Hosting Service
Orhun's Blog | original ↗
Buffer Overflows and Stacks and Assembly, Oh My!
the website of jyn | original ↗
q What do I title this article?
Two-Wrongs | original ↗

More from David Buchanan's Blog

Can You Get Root With Only a Cigarette Lighter?
7 Oct 2024 | original ↗

By David Buchanan, 7th October 2024 Spoiler alert: Yes. the elite hacking tool they don't want you to know you already own Before you can write an exploit, you need a bug. When there are no bugs, we have to get creative—that's where Fault Injection comes in. Fault injection can take many forms, including software-controlled data...

Jailbreaking RabbitOS: Uncovering Secret Logs, and GPL Violations
16 Jul 2024 | original ↗

By David Buchanan, 16th July 2024 I assume by now that most people have heard of the Rabbit R1. Critics unanimously agree

SIMD in Pure Python
4 Jan 2024 | original ↗

By David Buchanan, 4th January 2024 First of all, this article is an exercise in recreational "because I can" programming. If you just want to make your Python code go fast, this is perhaps not the article for you. And perhaps Python is not the language you want, either! By the end, I'll explain how I implemented Game of Life in pure Python (plus pysdl2...

Text Editors Should Be Worse
2 Jan 2024 | original ↗

By David Buchanan, 2nd January 2024 This is a rant. You have been warned! I'd like text editors to be worse. Specifically, I'd like their default behaviour to be as close as possible to the median text input box you'd find in any piece of software, like the humble HTML <textarea>. More realistically, I'd like a configuration preset that lets me opt in to the same, without having to hunt for a thousand...

2024 Will Be the Year of the Blog
31 Dec 2023 | original ↗

By David Buchanan, 31th December 2023 ...or at least, it will be for mine! Social media platforms come and go, but the one constant for me has been my blog. Same domain. Same URLs. Almost the same web design. It's been here since I started writing in 2018, and for that year I updated it regularly with CTF write-ups. Between 2019 and 2022 however, I neglected it, with only 2 posts for the whole duration. The "death" of my blog was...