BSidesSF CTF - Steel Mountain: Sensors Walkthrough
Continuing my write-up series from BSides SF's CTF, today I'll be looking at a "pwn" challenge, Steel Mountain - Sensors. The challenge starts with a link, and a cryptic comment
Read More »BSidesSF CTF: b-64-b-tuff Walkthrough
This week I was part of team "NeverTry" who competed in the BSidesSF online capture the flag. As far as CTF's go, this was a fun one, taking place over 2 days there were a range of cool puzzles and flags to find. Over a series of upcoming posts I'll be running through the solutions for a number of my favourite challenges, starting with b-64-b-tuff. This challenge started with a simple application which receives binary shellcode over the network, and executes th
Read More »ROP Primer - Walkthrough of Level 2
In the final post in this series, we'll be looking at Level 2, the last level of ROP Primer from VulnHub. This level gives a very simple program, similar to the first challenge that we faced in Level 0. The source of the application is as follows
Read More »ROP Primer - Walkthrough of Level 1
Continuing from the previous post which shows a solution for Level 0, we are going to look at Level 1 of ROP Primer from VulnHub. Level 1 is a server application, which suffers from a typical buffer overflow. Reviewing the application source provided by the challenge, we can see that the overflow vector is within the following code
Read More »ROP Primer - Walkthrough of Level 0
I recently found Vulnhub ROP Primer, which is a brilliant playground for refreshing your Linux ROP skills. To try and share some of the techniques I used to solve these challenges, I'm completing a series of writeups detailing the steps to solve each level. In typical Vulnhub style we start with a virtual machine which runs a number of services alongside a HTTP server documenting the 3 levels of difficulty. This post will be looking at Level 0
Read More »