Code review and Exploit

-

As a part of the exploitation challenge in AISA 2015 CTF was given connection details to an server & code which the server is running. Goal is to exploit and find an 64 bit flag


Code snippet the server running





File "my_stack", upon execution locally the following is the result





This specific code has where exactly 1016 random bytes would print us the flag as per our "if" clause in the code snippet


Now lets create an string of 1016 bytes





Time to connect to the server and exploit





We can see the 64 bit flag has been printed as per the code.


Now we can further use the memory space to host our own payload for persistance. 

Comments

Post a Comment

Popular posts from this blog

SANS Kringlecon 2022 Introduction

-
Image
What Challenges Should You Expect?   This year, the infamously precious 5 Golden Rings have been stolen, and Santa needs your help to recover them. Each ring represents a different quest to defeat cybersecurity obstacles to change the course of the future and defeat holiday treachery:   1. Tolkien Ring (Network Security) - Analyse a PCAP to identify malware, and then analyse logs and create IDS rules to detect such attacks. 2. Elfen Ring (SecDevOps and Supply Chain Attacks) – Identify malicious packages and then attack CI/CD processes to escape a container. 3. Web Ring (Web Application Vulnerabilities and Exploitation) - Identify XML External Entity (XXE) attack and leverage such vulnerabilities to gain access. 4. Cloud Ring (Cloud Security) - Analyse cloud configurations via the command line, identifying possible vulnerabilities and information leakage. 5. Burning Ring of Fire (Cryptocurrency, NFT, and Smart Contract Attacks) - Acquire and spend cryptocurrency, then ...
Read more

Sans Kringlecon 2022 - Christmas CTF Finale

-
Image
Finale Upon Collection of all 5 rings, we are being asked to meet Santa exciting the tunnels and Santa asks us to get into the building where we are greeted with Santa’s congratulations and credits to all the fantastic effort of smart folks from SANS rolling. Hidden Chests & Tunnel Map Was able to identify a total of 5 hidden chests. To find these hidden chests any new location you enter within the tunnel or even while navigating to the tunnels. Zoom out by pressing (Ctrl or Command) + “-“, which should make the hidden chests easily visible and you should be able to identify the pathways by playing with the arrow keys and even by looking for cracks in the mine wall that tells you can enter through to get to the hidden chest Most of the chest provide you with hints and almost all of them with Kringlecoins    Overall chest locations: 1 in Tokien Ring area 1 in Cloud Ring are 3 in pathways in the tunnel to different challenge areas Below is the Full Navigation map within the Tunn...
Read more

Burning Ring of Fire - Exploit a Smart Contract Walkthrough

-
Image
Exploit a Smart Contract Exploit flaws in a smart contract after completing Blockchain Divination , to buy yourself a Bored Sporc NFT. Find hints for this objective hidden throughout the tunnels. Difficulty Level 5/5 Next we are being asked to exploit a smart contract and buy ourselves a Bored sporc NFT from boredsporc gallery. But to be able to make the purchase we will have to be part of the Pre-Sale list and we will have to add ourselves into it. "Earlier, I overheard that disgruntled customer in the office saying he wanted in on the “rug pull”. If our suspicions are correct, that’s why the sporcs want an invite to the presale so badly.  Once the “Bored Sporc Rowboat Society” NFTs officially go on sale, the sporcs will upsell them. After most of the NFTs are purchased by unwitting victims, the Sporcs are going to take the money and abandon the project.  Mission #1 is to find a way to get on that presale list to confirm our suspicions and thwart their dastardly scheme! ...
Read more