Published on May 17th, 2019 📆 | 1777 Views ⚑
0Defcon Quals 2019 (oooverflow.io) Speedrun pwn challenges || rop chaining || ret2libc || shellcoding
Powered by iSpeech
Walk-through of speedrun-001 speedrun-002 speedrun-003 pwn challenges from defcon qualifiers round 2019.
link: http://oooverflow.io/
ctftime: https://ctftime.org/event/762
Speedrun-001 is basically a statically compiled 64 bit binary. nx is enabled. we need to make the use of the available gadgets and spawn a shell with the buffer overflow.
In Speedrun-002 the binary is dynamically linked and again there is a buffer overflow. We make the use of the puts function to leak the address and calculate the libc base address. we can download the libc from libc.blukat.me
In speedrun-003 there are a few checks on the passed string and after bypassing them we can execute our shellcode and spawn a shell.
video, sharing, camera phone, video phone, free, upload
2019-05-17 15:40:50
source
Gloss