[DiceCTF 2022] memory hole
CTF
literally 1984. note: you should read the design doc of The Cage and its code; try to understand how it works, since it'll be hard to solve this challenge by just jit monkeying. Release: https://github.com/h0meb0dy/CTF/raw/main/DiceCTF%202022/memory%20hole/1984.tar.gz Environment Setting V8 commit hash: 277fdd1de7110a889f6fd4c2da2ddfdf2f28416f GN arguments (for debugging): v8_no_inline=true v8_o..
[HITCON CTF 2022] Fourchain - Hole
CTF
https://ctf2022.hitcon.org/dashboard/#14 Release: https://github.com/h0meb0dy/CTF/raw/main/HITCON%20CTF%202022/Fourchain%20-%20Hole/hole.7z Environment Setting * Based on git commit hash: 63cb7fb817e60e5633fb622baf18c59da7a0a682 * args.gn: dcheck_always_on = false is_debug = false target_cpu = "x64" v8_enable_sandbox = true * It is recommended that you solve this challenge on a Debian Linux 11.5..
[corCTF 2021] Outfoxed
CTF
Just your average, easy browser pwn! Release: https://github.com/h0meb0dy/CTF/raw/main/corCTF%202021/Outfoxed/Outfoxed.zip Environment Setting OS: Ubuntu 20.04 (WSL) # get challenge file cd ~ mkdir Outfoxed cd Outfoxed wget 'https://github.com/h0meb0dy/CTF/raw/main/corCTF 2021/Outfoxed/Outfoxed.zip' unzip Outfoxed.zip rm Outfoxed.zip # install mercurial python3 -m pip install --user mercurial ex..
[Whitehat Contest 2023] Fall in love
CTF
Release: https://github.com/h0meb0dy/CTF/blob/main/Whitehat%20Contest%202023/Fall%20in%20love/for_user.zip I'm in fall in love to work. Analysis $ file fallinlove fallinlove: Rich Text Format data, version 1, ANSI, code page 1252, default middle east language ID 1025 An RTF file is given. It can be analyzed with the rtfobj tool. rtfobj fallinlove With CVE-2017-0199, opening a file that has a malicious OLE object embedded downloads a malicious file from a remote server, and remote code execution..
[Whitehat Contest 2023] clip board
CTF
Release: https://github.com/h0meb0dy/CTF/blob/main/Whitehat%20Contest%202023/clip%20board/for_user.zip If you have something to save, save it. nc 43.201.64.101 8888 Mitigation Analysis Out of bound The three menus share a common OOB vulnerability. The index is read as input and checked to be no greater than the maximum value of 9, but there is no check for whether it is negative. Looking at the memory layout, chunk_list, check_chunk_list, and chunk_size_list are all adjacent, so their values can be manipulated using the OOB. Exploit Tcache dup I..
h0meb0dy_
List of posts in the 'CTF' category (Page 2)