ASIS CTF Quals 2018: Fifty Dollars Write-up

Solved by sherl0ck I found this challenge the best challenge in this CTF and used the House of Orange to solve it. I dunno whether there is an easier way to solve this. Anyway, the binary that was provided was 64-bit non stripped and dynamically linked one. Here are the mitigations that were imposed on the binary... Continue Reading →


0ctf quals: babyheap Writeup

Solved by sherl0ck For this challenge, we were given a 64-bit stripped and dynamically linked binary. The given libc was version 2.24, that has some checks that its predecessors did not have. Let's start by looking at the mitigation's enforced on the binary - gdb-peda$ checksec CANARY : ENABLED FORTIFY : disabled NX : ENABLED... Continue Reading →

BackdoorCTF 2018: bookkeeping Write-up

Solved by sherl0ck This was my first challenge that involved the shared memory object concept and I found it pretty interesting to solve. The provided binary began to segfault after an initial run and I contacted the admins who promptly addressed the issue and released an update for this challenge. The shared object was not... Continue Reading →

N1CTF 2018: vote Writeup

Solved by sherl0ck Firstly, kudos to the organizers for conducting such a quality CTF. Coming to this particular challenge, we were given the libc and the binary. The following were the mitigation's enforced on the binary- gdb-peda$ checksec CANARY : ENABLED FORTIFY : disabled NX : ENABLED PIE : disabled RELRO : Partial Reversing this... Continue Reading →

InCTF 2017: stupidrop Writeup

Challenge Author: sherl0ck This challenge was originally meant to be solved using srop (SigReturn Oriented Programming). But it ended up having a bug with which it was possible to directly invoke the execve syscall. This write-up will be focusing on solving the challenge using srop. As usual, let's start off by checking the permissions of the given binary.... Continue Reading →

InCTF 2017: gryffindor pwn Writeup

Challenge Author - 4rbit3r The binary that was given was a 64-bit, dynamically linked unstripped one. Checking it's permissions - CANARY : ENABLED FORTIFY : disabled NX : ENABLED PIE : disabled RELRO : Partial Okay, nothing out of the ordinary here. The program is a standard menu driven program to add, delete and edit... Continue Reading →

InCTF 2017: warm_heap pwn Writeup

Author: 4rbit3r Hello, this was a nice challenge from InCTF 2017, let's see how to get the exploit working. As usual, running checksec on the binary gives: Nothing much here, let us look at the program itself. It is a menu driven program with some basic functionalities: Add note Edit note Remove note View note These... Continue Reading →

InCTF 2017 : sort Writeup

Author: sherl0ck This CTF was organized by bi0s itself and was the first international edition of InCTF. The binary was a 32-bit, statically linked and unstripped. Here are it's permissions - CANARY : disabled FORTIFY : disabled NX : ENABLED PIE : disabled RELRO : Partial The executable was basically implementing a bubble sort algorithm. The sort... Continue Reading →

InCTF 2017: Warmup Pwn Writeup

Author: sg004 This was a simple challenge made to make the solver think. Hope you had fun doing it! 🙂 Let us first look at the protections enabled on the binary: NX is enabled so shellcode injection is not possible. The buffer overflow is apparent from the disassembly. There is a read call of 0x80... Continue Reading →

Create a free website or blog at

Up ↑