We start by looking at the binary's protections and see that NX is enabled, so it will not let us execute code in memory. Our attack vector is two inputs, but we do not know the iteration that the program returns to us. So we will have to open gdb and analyze the code to find out how to exploit it, doing the important work of reverse engineering. After see..
Writeup - From Format String to Buffer Overflow
PKTeam
Recon
First of all we look at the protections of the binary. We have several problems. We cannot execute code on the stack, such as shellcode, because of NX; we cannot overflow without a canary leak; and we have to bypass PIE both to attach with gdb and to do ROP (Return-Oriented Programming). We also need a leak of a function t..
Horcruxes
Date: 05/01/2019-08/01/2019 @naivenom
3.1 Deep Reversing Analysis
First we look at the protections: NX is enabled, so areas are marked non-executable.
gdb-peda$ checksec
CANARY : disabled
FORTIFY : disabled
NX : ENABLED
PIE : disabled
RELRO : Partial
We look at the functions the binary uses:
Non-debugging symbols:
0x0809fbec _init
0x0809fc20 seccomp_init@plt
0x0809fc30 read@plt
0x0809fc40 p..
- hijacking redirection flow
- arithmetic overflow/underflow
- stack pivot
- Call oriented programming
- html injection
- fake stack frame
- XSS
- cracking
- pwnable.tw
- Windows
- write primitive
- return oriented programming
- Pwnable.kr
- leak libc
- one gadget
- canary
- pwnable.xyz
- shellcode
- format string
- theFaunia course
- leak stack memory address
- dnspy
- Backdoors
- 32Bit
- GOT Dereferencing/Overwriting
- use after free
- buffer overflow
- x64dbg
- ASM
- open-redirect