-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added CSAW Diary 2013 writeup #31
base: master
Are you sure you want to change the base?
Conversation
Fancy Cache was a Master Challenge for PicoCTF worth 200 points. The aim was to exploit a use-after-free vulnerability.
This is the writeup for CSAW CTF Quals 2013 Exploitation 300
This is the writeup for CSAW CTF Quals 2013 Exploitation 300
Switch to socket reuse shellcode
This writeup needs more work, will review it at some phase.
I don't see your submission on the GSoC Melange website. Which name did you use for your submission? |
Hey, I can't apply I am not a student anymore, I just want to contribute because I learn. |
Ah cool, thanks! :) |
p = process('./fil_chal') | ||
sleep(0.5) | ||
binary = ELF("./fil_chal") | ||
plt_read = binary.plt['read'] # read@plt: call 80486e0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like this is specified twice? It's the same local or remote.
You should check out some of the other write-ups. They're all split into "doit.py" with the exploit logic, and "harness.py" which is responsible for creating a flag on disk, starting the challenge server, and verifying that you can read/write the flag after the exploit has finished. |
This is the writeup for CSAW CTF Quals 2013 Exploitation 300